AlphaCron Datensysteme - Blog

 
alt

Marc Pauls

 

    no logon possible after Windows Server 2022 to 2025 in-place upgrade

    Marc Pauls  1 May 2025 09:32:26
    After having analyzed the issue for more than 2 weeks I found out that the password of the krbtgt user hadn't been updated for ages (never).
    Resetting the password before the upgrade did the job. But be careful: if you have more than only one domain controller you should change the password only one time and wait for a very long time (one week!!!) before you upgrade the DC from 2022 to 2025 that everything will be replicated well to the other DCs and also to the member servers/clients.
    Comments Disabled

      Notes 14.0 - irreführende Downloads

      Marc Pauls  5 October 2024 21:42:23
      Beim Download des Notes Designer/Admin-Clients im neuen My HCLSoftware Portal ist die Namensgebung sehr irreführend.
      Obwohl unterhalb der Kategorie "Designer Admin Client" nur der letzte Download
      "Notes_Designer_Admin_14.0_Win64_English.exe"
      den Namen "Admin" enthält, sollte man sich davon nicht in die Irre führen lassen und glauben es gäbe den Admin-Client nur

      in Englisch. Im File "Notes_Designer_14.0_Win64_German.exe" ist der Admin-Client genauso enthalten.


      Auch beim Update auf 14.0.0FP2 wird durch das File "Notes_1400FP2_Win64.exe" sowohl der Notes-Client als auch der

      Admin-Client und Designer geupdatet.

      Comments Disabled

        important links for expired certificates in vCenter server

        Marc Pauls  7 November 2023 14:14:20
        https://vninja.net/2022/08/08/expired-vmware-vcenter-7-certificates/
        https://kb.vmware.com/s/article/76719
        https://vkasaert.com/2023/02/13/expired-vcenter-certificates-how-to-get-back-in-the-game/

        to investige or expired certificates use:

        for store in $(/usr/lib/vmware-vmafd/bin/vecs-cli store list | grep -v TRUSTED_ROOT_CRLS); do echo "[*] Store :" $store; /usr/lib/vmware-vmafd/bin/vecs-cli entry list --store $store --text | grep -ie "Alias" -ie "Not After";done;

        restarting services with:

        service-control --stop --all && service-control --start --all

        in rare cases use "lsdoctor":  python lsdoctor.py --stalefix and  python lsdoctor.py --trustfix (depending what python "lsdoctor.py -l" shows)

        also "fixsts" may help
        Comments Disabled

          after recent Microsoft Updates Nov/22 access to Server 2003 ressources is not possible

          Marc Pauls  15 November 2022 10:57:49
          on the DC where the update was installed just state:

          reg add "HKLM\SYSTEM\CurrentControlSet\services\kdc" /v ApplyDefaultDomainPolicy /t REG_DWORD /d 0 /f
          Comments Disabled

            Domino HEI installation hangs during Linux installation after entering server names

            Marc Pauls  23 October 2022 12:47:53
            After investigating several hours why the HEI installation in version 12.0.1 hangs after entering the server names
            I found out that the note at the end of the article

            https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0094809

            where is stated "You may also need to verify if the .bash_profile for root and notes user has been set as per the KB0088565"
            should be taken seriously and the environment variables in the NOTES user profile should be set up correctly.
             
            Comments Disabled

              LANCOM Router and IPv4 rules / rulesets

              Marc Pauls  11 April 2022 09:33:51
              When working with IPSec on LANCOM routers you might need to create IPv4 rules / rulesets to manage SAs between you and the remote site.
              Always take care not to name the ruleset equal to any rule! In case you did you will see that the single IPv4 rule will be used instead of the ruleset where the rule is included.
              LANCOM should prevent the double naming conditions in its firmware.
              Comments Disabled

              Exchange Server 2016 / 2019 stops delivering mails from 01.01.2022 :-)

              Marc Pauls  1 January 2022 13:17:06
              For everyone wondering why their on-premise Exchange Server doesn't deliver any mails anymore - there is a kind of a year 2022 problem :).
              You may suddenly see an error from "FIPFS" (error code 5300) in your event log stating "can't convert 2201010001 to long".


              For a quick workaround:


              start the Exchange Management Shell


              cd $exscripts

              .\Disable-AntimalwareScanning.ps1


              restart the MSExchangeTransport service
              by:

              net stop msexchangetransport
              net start msexchangetransport

              Dear Microsoft: signed int32 max value can only be 2.14... * 10^9 - and 2147483647 < 2201010001 :-D

              Looking forward for a Hotfix published my Microsoft.


              HNY 2022!

              Comments Disabled

                NCP Enterprise VPN Client with Allied Telesis AR4050S

                Marc Pauls  14 October 2021 22:52:55
                As the AR4050S determines all IKE-IDs with an "@" in it as FQUN and without an "@" as FQDN in its IPsec
                implementation it was difficult (especially with the Mac client where no expert mode exists) to establish

                a proper connection without much handwork if you want to use usual usernames that are not email addresses.

                Now NCP released a new client plugin in their SEM that has the possibility to define the FQDN or FQUN

                manually (in the client template or delegated to the client itself).


                This makes it finally possible to use the NCP client together with the great firewall products of Allied Telesis
                in a perfect way without the need of any strange OpenVPN clients.

                Both together - the NCP Client and the AR4050S firewall - let you build a solid and reliable VPN login platform
                for your business. The outstanding performance in IPsec routing in comparison to other competitors makes
                this combination an excellent solution for a secure access to your company network.

                Thank you NCP for the excellent job!

                Comments Disabled

                  Windows DC desktop icons

                  Marc Pauls  7 October 2021 11:56:36
                  After promoting a Windows Server to a DC you can't access the desktop icon menu anymore.
                  Workaround:

                  desk.cpl ,,5

                  Comments Disabled

                    upgrade to HCL Domino 12.0

                    Marc Pauls  13 June 2021 20:10:51
                    worked perfect...
                    Comments Disabled

                      Thüringer Schulcloud nicht von überall erreichbar

                      Marc Pauls  24 April 2021 08:35:23
                      Am 22./23.04.2021 war die Thüringer Schulcloud bzw. der dortige Login-Bereich nicht von allen Anschlüssen erreichbar.
                      Grund dafür war eine aktivierte DDoS-Protection bei dem zuständigen Hoster 1&1 IONOS. Dort wurden ganze Netzbereiche vorsorglich gesperrt, von denen man meinte sie könnten eine "Gefahr" darstellen. Nach einiger Korrespondenz mit dem Support konnten wir nun ein Whitelisting zumindest unserer IP-Adressbereiche erwirken.
                      Comments Disabled

                        Canon printers and MacOS BigSur

                        Marc Pauls  16 April 2021 21:45:15
                        After upgrading to BigSur your Canon printer might print only empty pages.
                        To fix this use the driver: https://www.canon-europe.com/support/consumer_products/products/fax__multifunctionals/laser/laserbase_mf_series/i-sensys_mf5980dw.html?type=drivers&language=de&os=macos%2011.0%20%28big%20sur%29

                        Comments Disabled

                          Telekom CompanyFlex Pure - LANCOM

                          Marc Pauls  10 April 2021 09:21:42
                          When setting up a Telekom CompanyFlex Pure account (with use of a "foreign" access) with the LANCOM wizard it is necessary to enable/enforce the TLS 1.2 encryption afterwards in the line settings.
                          ComanyFlex Pure seems to work only with encryption from outside the DTAG network.
                          Comments Disabled

                            diable annoying security request in MacOS

                            Marc Pauls  17 August 2020 08:52:13
                            To disable the security request when installing an application in MacOS just type

                            sudo spctl --master-disable
                            Comments Disabled

                              enable SMBv1 on Windows Server 2019

                              Marc Pauls  28 July 2020 14:56:34
                              To enable casual (old) SMBv1 on a Windows Server 2019 as a client (e.g. to access a QNAP NAS, etc.)

                              - enable CIFS/SMBv1 in Windows Features


                              then execute:


                              sc.exe config lanmanworkstation depend= bowser/mrxsmb10/mrxsmb20/nsi

                              sc.exe config mrxsmb10 start= auto

                              Comments Disabled

                                Upgrading to HCL Domino/Notes 11 successful

                                Marc Pauls  24 December 2019 14:29:36
                                the upgrade to Notes 11 (clients and servers) performed without any problems
                                Comments Disabled

                                  installing Notes 10 on a usual Windows Terminalserver

                                  Marc Pauls  17 November 2019 12:08:10
                                  IBM/HCL for years only support the installation of a Notes Client in a Citrix environment.
                                  We have installed our Notes Client on our Terminalserver in c:\notes with this command:

                                  setup.exe /v"SETMULTIUSER=1 MULTIUSERBASEDIR=c:\notes\!USERNAME! MULTIUSERCOMMONDIR=c:\notes\common CITRIX=1"

                                  ...even not supported it runs absolutely perfect!

                                  Comments Disabled

                                    vCenter management server login not possible after upgrade to latest 6.7

                                    Marc Pauls  16 November 2019 11:12:36
                                    After upgrading the vCenter appliance to the latest 6.7 version it might happen that the login to the management web console isn't possible anymore.
                                    Login with SSH is possible. It seems that the application management service (applmgmt) for some reason isn't started. To solve this issue login to the shell and type

                                    service-control --start applmgmt
                                    service-control --stop vmware-vapi-endpoint
                                    service-control --start vmware-vapi-endpoint

                                    Until the next reboot this helps...

                                    Comments Disabled

                                      teilweiser Netzausfall

                                      Marc Pauls  6 November 2019 21:03:08
                                      Heute kam es in der Zeit von 17:30Uhr bis 20:30Uhr wegen eines MPLS Backbone-Problems von euNetworks zu deutschlandweiten Ausfällen und großem Packet Loss zu einigen Destinationen.
                                      Comments Disabled

                                        HCL Notes 11 release date

                                        Marc Pauls  23 October 2019 17:42:48
                                        HCL Notes release date seems to be clear. It'll be released on December 4th on an event in Tokio.
                                        Comments Disabled

                                          AlphaCron Datensysteme ist HCL Partner

                                          Marc Pauls  14 October 2019 16:50:12
                                          Nach langjähriger Pause im Domino/Notes Geschäft ist AlphaCron nun HCL Partner und bietet Kunden professionelle Unterstützung bei deren Projekten.
                                          Comments Disabled