The following items were introduced with 24H2 Operating Systems (Windows 11 24H2 and Windows Server 2025). They are not available on earlier Operating Systems. This article is a supplement to the Windows LAPS Overview, and only highlights what is new with 24H2 Operating Systems (Windows 11 24H2 and Windows Server 2025). For a complete overview… Continue reading What’s New in Windows LAPS for 24H2 Operating Systems
BitLocker Volume Details in Splunk
Monitoring BitLocker Volume Details I was recently asked if BitLocker encryption details can be reported on in Splunk. The answer is yes, if you send the right data to Splunk. There is a Windows Event Log (Microsoft-Windows-BitLocker/BitLocker Management) that will log when someone encrypts or decrypts a volume. This information is good to know, but… Continue reading BitLocker Volume Details in Splunk
An Overview of Windows LAPS
What is Windows LAPS? Windows LAPS (Local Administrator Password Solution) automatically manages a local administrator account’s password: changing the password when it expires (using password length and complexity settings) and backing up the password to Active Directory so it is available for authorized users to retrieve. Windows LAPS was made available with the April 2023… Continue reading An Overview of Windows LAPS
Setting the Security Logon Banner Message on iDRAC 9 (14G Servers)
There are a lot of new features available on the iDRAC9 which comes with 14G Dell servers. One of these features that I have implemented right away is the logon banner message, which is displayed as the Security Notice on the logon page. To set the a custom message you can use racadm: Local racadm:… Continue reading Setting the Security Logon Banner Message on iDRAC 9 (14G Servers)
Embedded Splunk Report
Monitoring a Service in SCOM
Overview Monitoring a service in SCOM is very easy to set up – thankx to the Windows Service Management Pack Template. Many times there is a Management Pack already created that you can import to monitor a service (Active Directory, SQL Server, etc.) When there is no Management Pack available for a Specific Service, or… Continue reading Monitoring a Service in SCOM
Using Splunk to Identify Account Logon Failures and Lockouts in Active Directory
Working as both an AD Domain Admin and Splunk Admin, I am working on an Active Directory app for Splunk to present useful statistics as well as provide search forms and reports to be used by AD and Help Desk support staff. This is the first in a series of blog posts I will make on the development… Continue reading Using Splunk to Identify Account Logon Failures and Lockouts in Active Directory
NIC Teaming in Windows Server 2012 – Part 2: PowerShell Method
This is the second in a two-part series on NIC Teaming in Windows Server 2012. Part 1 focused on the GUI method (using Server Manager.) Part 2 focuses on using PowerShell. Depending on its configuration, NIC Teaming provides the following benefits: bandwidth aggregation – If you team 2 NICs, you have the capability to double your network throughput.… Continue reading NIC Teaming in Windows Server 2012 – Part 2: PowerShell Method
NIC Teaming in Windows Server 2012 – Part 1: GUI Method
This is the first in a two-part series on NIC Teaming in Windows Server 2012. Part 1 focuses on the GUI method (using Server Manager.) Part 2 will focus on using PowerShell. Depending on its configuration, NIC Teaming provides the following benefits bandwidth aggregation – If you team 2- 1 GB NICs, you have the capability to double… Continue reading NIC Teaming in Windows Server 2012 – Part 1: GUI Method
“SQL Reporting Server could not be contacted” when installing (upgrading to) SCOM 2012 SP-1
When upgrading my test SCOM server from RTM to SP-1, I got an error during the prerequisite check: “SQL Reporting Server could not be contacted.” I verified that ReportServer was available, and the resolution did not offer anything helpful. When first installing SCOM several months ago I had configured SSRS to only use https. … Continue reading “SQL Reporting Server could not be contacted” when installing (upgrading to) SCOM 2012 SP-1