Lao Sen Chang Tan IT Help

We have several servers in the "system event" there will be many Schannel error messages，Click to show “The following serious warnings have been generated: 40。The internal error status is 1205。” Or “Received TLS from remote client application 1.2 Connection requirements，None of the encryption package servers supported by the client application。SSL connection request failed。” Wait for error message。The reason for this message is that this server provides encrypted services，But the user did not make the connection request in an encrypted way，I, for one，The two servers where this message appears are the Mail Server and the electronic sign-off server，Both use SSL certificates。

Windows Server events are full “The Windows Modules Installer service has entered a stopped state”Messages

May 6

Anson |

Windows |

05 6th, 2020| icon1

18,329 views | icon3

Checking a Windows Server today 2008 R2 event，Found "System Event" full of Windows Modules Installer start and stop messages，Internet crawling found An article Is discussing a similar issue，Only the role is “WMI Performance Adapter” service，The reason is that there is a remote service (Like SCOM: System Center Operations Manager) Monitoring computer，Will cause the WMI service to switch on and off in response to it。

May 4

Unifi Network Controller 移機

Anson |

05 4th, 2020| icon1

9,246 views | icon3

The original Unifi Network Controller is installed on a Windows 7 Computer，Recently, I feel that the frequency of stopping the Controller is a little too high，I have to restart the program almost every day，Go online and find that there are official instructions to set the program as a service to run，But after the actual test，The service cannot start，Read the instructions carefully，Windows 8 Or Windows 10 Only，So simply find another Windows 10，And move the Unifi Network Controller。

Apr 30

Windows Server remove SMB 1.0 Client

Anson |

Windows |

04 30th, 2020| icon1

8,965 views | icon3

Previously because the AD domain was 2003 Hierarchical relationship，So on Windows Server 2012 When you want to join the domain in a later version，You have to go to the "function" side first and put SMB 1.0 Client installed，To successfully join the domain。Recently my colleague upgraded the AD domain to 2008 R2，So I want to shut down the SMB v1 of these servers，To improve security。And when you want to remove，Unable to uncheck，Therefore, the removal method is commanded instead.。

Apr 29

Check the space usage of your Synology NAS

Anson |

Storage equipment | icon4

04 29th, 2020| icon1

7,235 views | icon3

Some time ago, the Synology NAS had a few TB less space，Later, according to official teaching，Connect to the system via SSH to view，Only found out that it was the trial CloudStation directory，Generated a huge amount of data，Because it's just a trial，The function does not meet my needs，Later it was removed，And manually remove the hidden @cloudstation folder。

Apr 27

Retrieve printer permissions via command

Anson |

Windows |

04 27th, 2020| icon1

10,457 views | icon3

A very special situation happened today，On Windows Server 2012 Adjust the "Security" of a printer in R2，Masaru “Everyone” After changing the "Print" permission from "Allow" to "Deny"，It disappeared from the "printer" page，Go to "Device Manager"，Also disappear，But the print screen in Excel is still visible，From “\\localhost” I can still see it (Originally opened sharing printing)。Tried to restart Print Spool service and restart，The results are still the same，So I had to try the command mode instead，Change permissions back。

Apr 20

為 Hyper Backup (Synology NAS) Speed limit

Anson |

Storage equipment | icon4

04 20th, 2020| icon1

10,083 views | icon3

The company has two Synology NAS as backup devices，One of them is a remote backup for the other，This is achieved through the Hyper Backup package provided by Synology。Because the amount of data backed up is not small，So if there are some unexpected situations，May cause backup jobs to fail to complete at night，And affects the bandwidth during the day。

Apr 18

FortiGate firmware download

Anson |

04 18th, 2020| icon1

229,623 views | icon3

1,042 Comments »

Recently Fortinet seems to change the firmware download policy，If the warranty has passed，Even if you are a member，Can't download firmware，Just one of the 110Cs in hand recently is a bit abnormal，Firmware needs to be repainted，But can't find the dilemma that the firmware can download。After asking the manufacturer for help, I finally got a firmware，Then, go online and search for the firmware file that can be found，Stay here as a spare，It is also provided to emergency friends。

Apr 18

【Note】 FortiGate command

Anson |

04 18th, 2020| icon1

13,390 views | icon3

[Set interface IP and access permissions]

config system interface
edit port1
set ip 192.168.0.100 255.255.255.0
set allowaccess https http (或 append allowaccess http)
end

【Log has no record】

get log memory filter
# 如果 Severity 為 warning
config log memory filter
set severity information (set severity ? 可以查看所有層級)

【參考連結】

Set FortiGate VM port1 IP address
[Fortinet] No record of Memory Log @mini 鹅的天地 :: Tycoon ::

Apr 9

Fortigate SSLVPN independent client access

Anson |

04 9th, 2020| icon1

9,545 views | icon3

Fortigate SSLVPN on the Internet for teaching article mostly after a successful connection，On the Internet directly through Fortigate，Because the practical application SSLVPN are made to address the issue of censorship，Before ever setting into the client-side only let go when VPN access to internal resources，Internet directly from their own computers out，But because no record left，Has just spent some time researching to get it，So what is recorded。