Monday, August 31, 2009

Which user logged on to what workstation - "short tips" - Windows 2003 domain

A short tip ;)

To find out where "someuser" is logged on (on what "workstation"):

We go to the domain PDC (check with "netdom query fsmo")
-> eventvwr -> security -> filter by
-> "event source": security
-> search for the user you are looking for in the field - user:
john

That's it.
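
The same lookup as a script, as an added example that is not part of the original post. It assumes PowerShell with read access to the DC's Security log, a placeholder DC name `DC01`, and the Windows 2003 successful-logon event IDs 528 and 540, whose message text carries "Workstation Name" and "Source Network Address" fields.

```powershell
# Added example: scripted form of the Event Viewer filter described above.
# Assumptions (not from the post): DC01 is a placeholder DC name; 528/540 are
# the Windows 2003 successful-logon event IDs; the event message is rendered
# in English on the machine running the script.
param(
    [string]$DomainController = 'DC01',
    [string]$User             = 'john',
    [int]$Newest              = 5000      # how many recent events to scan
)

# Pull one labelled field (e.g. "Workstation Name:") out of the event text.
# The anchor at line start keeps "User Name" from matching "Caller User Name".
function Get-LogonField {
    param([string]$Message, [string]$Label)
    $pattern = '(?m)^\s*' + [regex]::Escape($Label) + ':[ \t]*(.*?)\s*$'
    if ($Message -match $pattern) { return [string]$Matches[1] }
    return ''
}

$logonIds = 528, 540

Get-EventLog -LogName Security -ComputerName $DomainController -Newest $Newest |
    Where-Object {
        # Same filter as the "user:" field in Event Viewer (DOMAIN\john).
        ($logonIds -contains $_.EventID) -and ($_.UserName -like "*\$User")
    } |
    ForEach-Object {
        New-Object PSObject -Property @{
            Time        = $_.TimeGenerated
            EventID     = $_.EventID
            User        = $_.UserName
            Workstation = (Get-LogonField $_.Message 'Workstation Name')
            SourceIP    = (Get-LogonField $_.Message 'Source Network Address')
        }
    } |
    Sort-Object Time -Descending |
    Select-Object Time, EventID, User, Workstation, SourceIP
```

Network logons (540) often leave the workstation name empty, so the source address column is usually the more reliable pointer to the machine.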

Thursday, August 20, 2009

Linux Basics - 1

== Linux basic commands ==

The kernel: Monolithic or Modular

A monolithic kernel is one which has support for all hardware, network, and filesystem compiled into a single image file.

A modular kernel is one which has some drivers compiled as object files, which the kernel can load and remove on demand. Loadable modules are kept in /lib/modules.

-------Commands that can help --------------------

# lsmod - list currently loaded modules
# rmmod - remove a single module
# insmod - insert a single module
# depmod - create the database of module dependencies modules.dep
# modprobe - insert a module and dependencies listed in modules.dep
# modinfo - list information about the author, license type and module parameters

Monday, August 17, 2009

Diagnostics on Win2003 AD

Some commands for diagnostics on a Windows Domain Controller


==== Diags Commands ====
Check - c:\windows\NTDS - ntds.dit / edb.xxx
c:\windows\SYSVOL\sysvol\domain.local --- subfolders
share - NETLOGON -> c:\windows\SYSVOL\sysvol\domain.local\SCRIPTS
share - SYSVOL -> c:\windows\SYSVOL\sysvol
Check - DNS console - SRV records - _msdcs.domain.local
= nslookup
nslookup gc._msdcs

= dcdiag /test:replications
= dcdiag /test:<name> - other test names: topology, cutoffservers, netlogons, fsmocheck, DNS, frssysvol, frsevent, kccevent, systemlog, RegisterInDNS
= repadmin /replsum
= repadmin /showrepl
== repadmin /replicate destDC sourceDC NamingContext /force
= repadmin /showconn
= repadmin /showreps

= netdom query FSMO == netdom verify DSTBDC /domain:domain.local
= netdom query DC

= nltest /DSGETDC:domain.local

= dnslint /ad /s localhost /v
= dnslint /d domain.local /s 10.x.x.x /v
explore
= dcdiag
= netdiag

= w32tm /config /syncfromflags:manual /manualpeerlist:10.x.x.x
= w32tm /config /update
= w32tm /dumpreg /subkey:parameters
= w32tm /monitor

-----Test------------ exchange "Service Principal Names" - LDAP --------------------
setspn -L "servername"
setspn -?