[Quick fix] Remote user cannot login to the computer. The trust relationship between this workstation and the primary domain failed" error when you log in to Windows.

Situation:

User is not in the office but travelling or works from a remote site.

Reason

1. Lost connection between the ‘client/server’ and the Domain controllers. 

2. Scheduled password change occurs while the server or client is unavailable or has been shut down then the passwords stored in the server/client and the domain controllers for the computer account mismatch, and you will end up getting this error when trying to logon to the server. 

Resolution

Easiest FIX:

1. Login to the computer as local administrator.

2. Connect to the network using VPN.

3. Switch user and ask user to login as himself.

Worked!

Adding port forward rule for new server - Editing config file of a Cisco Router

1) Log into the router with IP address of the router using Putty (SSH). 

2) In command line type in the following:

#conf t

Enter configuration commands, one per line.  End with CNTL/Z.

(config)# ip nat inside source static tcp IP_of_new_server 3389 192.168.1.200 External_RDP_port extendable

(config)#exit

#copy running-config startup-config

destination filename [startup-config] ?          (Hit enter)

To view the config file

#show running-config

press space key to continue

CTL+C to exit

Remote Desktop Issues logging into Windows 2012 server? Common/advanced steps to troubleshoot

1. Make sure you have RDP enabled in the Remote options tab of Computer Properties. 
    ControlPanel - > System -> Remote

2. Make sure the appropriate user accounts are added there. 

3. Check if RDP service is running in Services. If not START it on the server you are trying to RDP.

4. Enable the rule that permits access through the Windows Firewall.

  - Search for Firewall and open “Windows Firewall and Advanced Security”.

- Find the rule “Remote Desktop – User Mode TCP-in” and ENABLE Rule

5. Check the TCP and UDP local ports are 3389 and profile set to All.

6. Start Registry Editor. Locate and then click the following registry subkey:  HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp\PortNumber

Check the port number is set to 3389

How to Configure RAID on Dell PowerEdge 2950 Server PERC 5/i

Well Well..I had a very old server lying down in the control room and thought I will just see if I can revive it.

It had no disk, so I took old disks from EMC and inserted. Of course it wont work as these are foreign disks. First of all I had to remember how to setup RAID intially. & below video was very helpful. Thus thought will share..

Simplest way to Change network printer to print Black and white by default

In an Enterprise, color print is expensive. Users often do not care whether the print is color or black and white. They just print. And to save cost, you want users to be offered black and white printing by default?
This is how you do it if your printer is a network printer and runs through a print server.
1. Login to your print server
2. Open 'Print Management'
3. Click on Printers
4. Right Click on the printer you want to set and click on 'Properties'
5. Go to 'Advanced'
6. 'Printing Defaults' and change 'Output Color" to 'Black and White'
7. Click 'OK' 'OK'

Now on next logon users will find the printer's Output color set to 'Black and White'
NOTE: There is another way to do this via group policy but this is the simplest way.

VIDEO CONFERENCING SYSTEM GETTING NUISANCE CALLS

What happens?
- You get continuous calls from random IP addresses on your Video Conferencing Unit.

What is happening?
You're being scanned by someone looking to make free phone calls. These guys are getting to be very bothersome, they're now trying on both UDP and TCP via H.323.

If your IP is set to Public then at some point everyone could get into this issue.

What can be done?
- Deploy Video Border Proxy (VBP)
but it is very expensive at least for me.

http://www.polycom.com.au/products-services/realpresence-platform/universal-access-security/vbp-e-series.html


You could try:

Configure firewall to block all incoming IPs except for those you specify or allow to dial incoming into your network.

You have a VBP, you may be able to adjust settings there to block the calls (like on a Cisco VCS you can create a CPL script that can stop calls)

I'm not aware of a way on the endpoints to prevent these calls, because this is using H323 TCP, it's very hard to prevent them without breaking H323.

Other ways:
- Put the device to 'DO NOT DISTURB' mode.
  This might help as the hackers might think that you have a firewall system.
- Shutdown the system.
  This might be helpful but hackers might still put you in their wishlist.
- Disconnect the LAN while device is not in use. 
  This might be helpful but hackers might still put you in their wishlist.

If you have access to your ROUTER then:
Add below to ACL allowing only the necessary traffic.

permit tcp any any eq 24
permit udp any any eq 24
permit tcp any any range 161 162
permit udp any any range snmp snmptrap
permit tcp any any eq cmd
permit udp any any eq syslog

VIDEO CONFERENCING SYSTEM GETTING NUISANCE CALLS

What happens?
- You get continuous calls from random IP addresses on your Video Conferencing Unit.

What is happening?
You're being scanned by someone looking to make free phone calls. These guys are getting to be very bothersome, they're now trying on both UDP and TCP via H.323.

If your IP is set to Public then at some point everyone could get into this issue.

What can be done?
- Deploy Video Border Proxy (VBP)
but it is very expensive at least for me.

http://www.polycom.com.au/products-services/realpresence-platform/universal-access-security/vbp-e-series.html


You could try:

Configure firewall to block all incoming IPs except for those you specify or allow to dial incoming into your network.

You have a VBP, you may be able to adjust settings there to block the calls (like on a Cisco VCS you can create a CPL script that can stop calls)

I'm not aware of a way on the endpoints to prevent these calls, because this is using H323 TCP, it's very hard to prevent them without breaking H323.

Other ways:
- Put the device to 'DO NOT DISTURB' mode.
  This might help as the hackers might think that you have a firewall system.
- Shutdown the system.
  This might be helpful but hackers might still put you in their wishlist.
- Disconnect the LAN while device is not in use. 
  This might be helpful but hackers might still put you in their wishlist.