This website is originally written in the Czech language. Only part of the content is machine (AI) translated into English. The translation may not be exact and may contain errors.
Statistics
Page has been view by 9 703 540 visitors. During today 679. Right now is here 92 guests.
Veeam ONE - upgrade to version 12.2
A brief description of the in-place upgrade of Veeam ONE 12 to version 12.2. The whole process is simple and hassle-free. It should work similarly for other versions as well.
How to Group Managed Service Accounts (gMSA)
How to better and more securely resolve service accounts for running services or scheduled tasks in a Microsoft Active Directory domain environment. Managed service accounts have been available for a long time. Managed Service Accounts were added with Windows Server 2008 R2. They help address service identities with greater security and reduce management overhead. The administrator doesn't have to worry about passwords because secure password management for the accounts is provided by the Windows operating system. They are used to non-interactively run applications, services, processes, or tasks that need a secure identity (credential).
Veeam Backup & Replication 12 - Backup Copy Job and Seeding
The way backup files are stored has been modified in Backup & Replication 12. Primarily Per-Machine Backup with Separate Metadata Files is used. The Backup Copy Job has also changed quite a bit. In this article, we'll take a look at how the new Backup Copy Job works. And we'll practically describe copying backups to a remote location when the data is large and a complete transfer over the WAN would take too long. We will use Seeding and transfer the data (initial Full Backup) offline on an external USB drive. After that, we map the copy job to the transferred data.
Veeam Backup & Replication - Oracle Database backup
We will look at backing up Oracle databases using the Veeam Plug-in for Oracle RMAN. We will describe a newer option (from VBR version 12), when backup is controlled from Veeam Backup & Replication Server. That is, centrally as common backup types. This is the managed mode (Managed Mode) of the Veeam Plug-in. Protection Groups are used to deploy and manage plug-ins (as well as agents).
ExtremeCloud IQ - AP and WLAN configuration
We will look at using ExtremeCloud IQ cloud management for the basic configuration of an Extreme Networks Wireless Access Point. We will focus on updating the APčka operating system version. Working with credentials. Configure basic properties and create a wireless network (WLAN) with SSID using Network Policy. We will mention methods for deploying a policy to a device.
Extreme Networks Access Point AP305 and ExtremeCloud IQ
A little introduction to Extreme Networks and their AP305 access point for wireless networks (Wi-Fi). We will describe the creation of an account (registration) in the ExtremeCloud IQ cloud management. We will connect the new Access Point AP305c to this management.
Exchange of SAML certificate for Entra ID Enterprise Application
We have a situation where for some application, here we will show for SSL VPN on Fortinet FortiGate, we are using Microsoft Entra ID user authentication using SAML 2.0. When we set up SAML Single sign-on in the Enterprise Application, a self-signed certificate with a validity of 3 years was generated. This is used for communication between the application and Entra ID. We will describe the procedure for renewing (replacing) a certificate when it expires.
Veeam ONE Client - monitoring basics
The Veeam ONE solution uses a rich client that enables monitoring of backup and virtual infrastructure. And a web client that provides dashboards and reports. In this article, we'll look at the basic usage and features of the rich Veeam ONE Client for infrastructure monitoring and management. An important part of the solution are alarms that alert you to events, changes and problems.
FortiGate Hairpin NAT, SNAT and DNAT behavior between networks
We will describe the behavior and possible configurations of a somewhat specific situation. If a device on the LAN (behind the FortiGate) accesses another device on the same or adjacent network (connected to the FortiGate) through an external IP address (network). Destination (Destination) and possibly source (Source) address translation (NAT - Network Address Translation) is used. This situation is referred to as NAT Hairpinning, Hairpin NAT, NAT loopback or NAT reflection. What matters is when and how FortiOS uses Source NAT.
Veeam ONE - basic installation and commissioning
Veeam ONE is a solution for monitoring and analyzing the Veeam Backup & Replication backup solution, but also the entire virtual infrastructure on the VMware vSphere or Microsoft Hyper-V platform. We will describe basic installation and configuration, connection to Veeam Backup & Replication Server, VMware vCenter Server and System Center Virtual Machine Manager Server. Installation is simple and not much configuration is required to make the product work. But some things are good to know.
Most viewed acrticles
TCP/IP - addresses, masks, subnets and calculations
The seventh part of the series on computer networks is more interesting and provides practical information. At the beginning there is a description of the basic terms for networks and subnets, IP addresses and masks. Next, the various network classes and how to write subnets are discussed. The second part deals with practical calculations of network ranges, network masks, number of hosts and subnets.
Windows commands for command line
My plan was to write down various useful commands for Windows in one place, along with a very brief description and example of common usage. I got some basics together but wanted to expand and fix it, but months go by and nothing, so I'm posting it in a not-so-finished state. Here you will find commands for use within the domain, but also for local matters. These are mostly commands used from the command line that are included with Windows. However, some are from Support Tools or Windows Resource Kits. I welcome your comments and additions in the comments.
VLAN - Virtual Local Area Network
The eighth part of the series on computer networks. VLAN, or Virtual Local Area Network, is a common technology these days that brings a number of advantages. I think that all medium-sized and larger companies use VLAN technology, and it can be interesting for small companies as well. VLANs are used to logically divide the network without being tied to physical division. In the article, I try to describe everything necessary to understand what VLAN is, what are the advantages and methods of deployment.
Cisco IOS 3 - interface/port settings - access, trunk, port security
In the continuation of the description of the Cisco Switch operating system, I will focus on probably the most used area, setting parameters for ports and interfaces. From basic properties, through the use of VLANs, IP address settings to port security using Port security. The description is only brief and there are practical examples at the end.
Azure AD / Entra ID identity and authentication
Articles related to user and device identity (not only) in Microsoft Entra ID. Different login and authentication options. Areas such as modern authentication, multi-factor authentication, password-less login, etc. Often involving the use of FIDO Authentication, for example using the FIDO2 security key or Windows Hello for Business.
(articles in the series: 3)
Basics of computer networks
I wrote this series for Connect magazine. It contains most of the same information as my older series Computer networks, but it is written in a slightly different way. Computer network technologies are first briefly summarized and then discussed in a little more detail from the lowest layers up.
(articles in the series: 1)
Cisco IOS
A large series about the operating system of Cisco's active elements. It contains some of the most read articles on this site. The articles describe the configuration of switches and routers, primarily with Cisco IOS. Things about ports, VLANs, STP, ACLs, QoS, etc.
(articles in the series: 18)
Computer networks
This series covers the basics of computer networking. Important practical aspects that everyone interested in networking should know are briefly described. It contains some of the most widely read articles on this site. It is used for teaching in schools.
(articles in the series: 2)
Computer Storage
Data storage is a vast and complex issue in the computer world. Here you will find articles dedicated to Storage Area Networks (SAN), iSCSI technologies, Fiber Channel, disk arrays (Storage System, Disk Srray) and data storage and storage in general.
(articles in the series: 1)
Fortinet FortiGate and more
Fortinet security solutions. Mostly focused on the Next Generation Firewall (NGFW) FortiGate. Configuration of FW, policies, NAT, but also VPN and authentication options. Marginally working with logs using FortiAnalyzer and with clients using FortiClient EMS.
(articles in the series: 2)
Kerberos protocol with focus on SSO in AD DS
A new series that deals in detail with the Kerberos V5 protocol, mainly in the Microsoft Active Directory environment. It also describes a number of related things that are needed to understand how Kerberos Single Sign-On (SSO) works.
(articles in the series: 5)
Microsoft Exchange
Almost since the beginning of my practice, I have been involved in the administration of the Microsoft mail server, i.e. Exchange Server. I started with the 2003 version and worked my way up to Exchange Online. The articles cover many areas of management. Most since the migration to Exchange Server 2016 and its complete configuration. But also Exchange Hybrid and e-mail security.
(articles in the series: 0)
Veeam Backup & Replication
Articles that focus on Veeam Software's backup solution. It is a platform for Backup, Replication and Restore. In other words, a Data Protection and Disaster Recovery solution.
(articles in the series: 6)
Most recent comments
Díky za super článek. Tolik podrobností, které tu člověk najde, to je radost!
Ďakujem
Chci jen vyjádřit svůj vděk za command "sudo profiles renew -type enrollment", Intune mi po měsíci používání začal failovat na "Check status error" a jediná rada na oficiálních kanálech byla kompletní factory reset a re-enrollment. Tento command jen znovu trignul enrollment, po restartu mi donutil změnit heslo a vše opět funguje.
Nevím proč, ale přepnutí MDM Autority na Intune nám z nějakého důvodu nešlo z webGUI, ale pomocí příkazů Connect-MgGraph, Get-MgOrganization a Set-MgOrganizationMobileDeviceManagementAuthority. Je potřeba vytvořit v Entře podnikovou aplikaci, a přiřadit ji práva, aby to prošlo. Pěknej oser.
Začínající administrátor moc děkuje za vysvětlení této problematiky <3
Pan co provozuje tuhle stranku je zachrance.
Super