Posted on

SCCM No Task Sequence Available For This Computer

This is caused by one or more workstations in the network having the same SMBIOS GUID, aka System UUID in SCCM terms.

On the workstation that cannot run a Task Sequence, launch a command prompt in WinPE by pressing SHIFT + F10 and drop into the WMIC CLI by issuing this command:

wmic

At the prompt wmic:root\cli>, get the SMBIOS GUID by issuing:

csproduct get uuid

Paste this into a new text document using notepad and then transfer to SCCM. We’ll build a query using the System UUID to find the conflicting workstations.

net use j: \\sccmServer\share /user:domainName\userName

We’ll enter that System UUID into a Device Collection Query:

select SMS_R_SYSTEM.ResourceID,SMS_R_SYSTEM.ResourceType,SMS_R_SYSTEM.Name,SMS_R_SYSTEM.SMSUniqueIdentifier,SMS_R_SYSTEM.ResourceDomainORWorkgroup,SMS_R_SYSTEM.Client from SMS_R_System where SMS_R_System.SMBIOSGUID = “4C4C4544-0053-5810-8059-B2C04F433832″

 

Posted on

Windows 10 Add User

This task fails when using the Settings app, but there is a work around.

Tap Windows Key + R to open the Run dialog window.

Run this command:

control userpasswords2
Posted on

EdgeOS 1.9.1 l2tp ipsec vpn

So upgrading to the latest firmware on my Ubiquiti Edgerouter in typical fashion broke something I depend on, remote access to my home network.

The solution below was found in the forums. The poor fellow posted his problems September 9, 2016. Engineers responded January 27, 2017.

delete vpn l2tp remote-access outside-address
delete vpn l2tp remote-access outside-nexthop
set vpn l2tp remote-access dhcp-interface eth0

The official documentation states the outside-nexthop and outside-address were deprecated.

 

Reference

https://community.ubnt.com/t5/EdgeMAX/ERL-1-9-X-Can-t-connect-to-l2tp-ipsec-vpn-server-after-router/td-p/1667212

Posted on

Cisco Router Packet Forwarwding

Process Switching

The router scans the entire routing table, searching for an exit interface that is connected to the destination network. Note this is CPU intensive and no longer practiced because it would quickly bog down a router.

Fast Switching

Enabled by default on all interfaces that support fast switching. To conserve resources, the router builds a table in high speed cache to prevent process switching every packet it receives.

When a router receives a packet sent to a destination not already in cache, it will be process switched.

After finding the exit interface and determining the Next Hop IP, the router will place this information in the cache.

You can enable fast switching per interface by issuing

conf t
int fa0/0
ip route-cache

Review that fast switching has been enabled

Lab-C#show ip int fa0/0 | in IP fast
 IP fast switching is enabled
 IP fast switching on the same interface is disabled

You can view the table held in cache

show ip cache

You can review this process of placing entries in the cache by enabling packet debugging by issuing

debug ip packet detail

Keep in mind that when you have enabled packet debugging you can review process switching activity, however fast switched and CEF switched packets do not show up. So for the sake of troubleshooting it may be a good idea to disable fast switching (no ip route-cache) and CEF.

References

Intense School: Process Switching, Fast Switching, and CEF

Cisco Fast Switching

Cisco Verify CEF Switching

Posted on

Gratuitous ARP

A client network interface configured for DHCP will issue a gratuitous ARP request after it has received an IP offered from the DHCP server. It does this to detect if any other local hosts have the same IP address in order to avoid a continued address conflict.

The host in question will issue a gratuitous ARP request packet configured as follows:

Source Hardware Address (SHA): its own MAC address
Source Protocol Address (SPA): the DHCP assigned IP address
Destination Hardware Address: Broadcast MAC FF:FF:FF:FF:FF:FF
Destination Protocol Address: the DHCP assigned IP address

Since hosts are required to receive and process all ARP traffic, you can expect a gratuitous ARP reply if another host already has the IP address recently assigned. At this point the DHCP client will report the address conflict to the DHCP server.

Although the DHCP server will initially send pings to the IP it intends to assign as a preventative measure, it is possible the ARP table on the DHCP server is not accurate. Therefore a local host could be lurking on the network with the IP in question but a MAC address other than what is, or is not, recorded in the ARP table on the DHCP server.

References:

RFC 826: Ethernet Address Resolution Protocol

RFC 5227: IP Address Conflict Detection

Wireshark: Gratuitous ARP

Posted on

Slot Naming Convention

When matching physical interfaces on a router to what we see in the CLI it is important to understand the Cisco slot naming convention. Cisco will number slots,sub slots, and ports right to left, then bottom to top.

Convention is Slot#/Port# or Slot#/Subslot#/Port#

Review available interfaces from the CLI by issuing the command:

show ip interfaces

Built-in interfaces belong to Slot 0.  For example, the 2811 router has two built in Fast Ethernet ports. From the CLI they are identified as Fa0/0 and Fa0/1

Say I plug in a serial module WIC-2T into subslot 0. From the CLI they are identified as S0/0/0 and S0/0/1. This shows the WIC-2T module belongs to slot 0, subslot 0, and we have two interfaces available at ports 0 and 1.

To illustrate another slot, slot 1; I plug a network module extension (NME) known as NM-1FE2W.  This has one Fast Ethernet interface and provides two additional subslot spots for wide interface card (WIC) modules above. In my following illustration you can see I have added another WIC-2T to the NM-1FE2W.

As a result I now have two more serial interfaces that are identified in the CLI as S1/0/0 and S1/0/1.

At last I will populate subslot1 of the previously installed NM-1FE2W with a 4 port switch interface card, the HWIC-4ESW. From the CLI you’ll observe 4 new interfaces, Fa1/1/0, Fa1/1/1, Fa1/1/2, and Fa1/1/3.

After adding the NME and all WICs you have access to the following interfaces:

Router>show ip interface FastEthernet0/0 is administratively down, line protocol is down (disabled) Internet protocol processing disabled FastEthernet0/1 is administratively down, line protocol is down (disabled) Internet protocol processing disabled 
Serial0/0/0 is administratively down, line protocol is down (disabled) Internet protocol processing disabled Serial0/0/1 is administratively down, line protocol is down (disabled) Internet protocol processing disabled FastEthernet1/0 is administratively down, line protocol is down (disabled) Internet protocol processing disabled 
Serial1/0/0 is administratively down, line protocol is down (disabled) Internet protocol processing disabled Serial1/0/1 is administratively down, line protocol is down (disabled) Internet protocol processing disabled FastEthernet1/1/0 is up, line protocol is down Internet protocol processing disabled FastEthernet1/1/1 is up, line protocol is down Internet protocol processing disabled FastEthernet1/1/2 is up, line protocol is down Internet protocol processing disabled FastEthernet1/1/3 is up, line protocol is down Internet protocol processing disabled Vlan1 is administratively down, line protocol is down Internet protocol processing disabled

Below is a screen shot of what my Cisco 2811 router looks like in Packet Tracer.

CiscoSlotConvention

Posted on

Destination Unreachable vs Request Timed-Out

According to Mr. Lammle:

If a packet is lost on the return to the originating host we will probably see a request timed-out because of an unknown error.

If a packet is lost on the way to it’s destination, we will see a destination unreachable message. Typical cause is a router along the way does not possess a route to the destination.

To summarize, a packet can successfully reach its destination and on the return can be dropped at the destination host or a successive router because a needed route does not exist.

Posted on

Locate and uninstall Windows Product Key

Recently I began preparing a Task Sequence in Microsoft System Center Configuration Manager (SCCM) to upgrade workstations from Windows 8.1 Pro to Windows 10.

A goal of mine was to conserve the product keys we had purchased so they wouldn’t go to waste.

Here is a short Powershell script that could be included as a step in a Task Sequence to accomplish this goal.

$temp = cscript.exe C:\windows\system32\slmgr /dlv
#$temp = Select-String -Path .\license.txt -Pattern "Application ID:"
#$temp = Select-String -InputObject $temp -Pattern "Application ID:"
$temp=Select-String -InputObject $temp -Pattern "Application ID:"
$temp=$temp.ToString()
$temp=$temp.SubString(57)
echo $temp
slmgr /upk $temp
Posted on

Restart Ubiquiti Edgerouter Remote Access VPN

After connecting to my home lab the day before, today no dice.

Connecting from the same site as yesterday, I enabled the hotspot on my iPhone and connected my laptop to the personal WiFi.

At that point I could bring up the vpn to back home.

At the router I issued show vpn debug to check things out. To my surprise I found the router still had an active SA from my last connection.

Security Associations (1 up, 0 connecting):
remote-access[2]: ESTABLISHED 9 hours ago,

I was able to break down this SA by issuing restart vpn from a non-global configuration prompt. In other words, do not bother issuing this command in configure mode. Ensure your terminal looks like you@edgerouter:~$

 

Posted on

Reddit – Link list

For my sake I posted this comment from a Moderator on Sysadmin that points at resources for learning more about a variety of topics including Cisco networking, Linux, Microsoft and information security.

Comment from discussion VA_Network_Nerd’s comment from discussion "Article, using statistics from google’s data centers, about reliability of SSD drives used as 24/7 enterprise storage.".

Another recommendation is to peruse the Gilded posts in this forum. A list of some of the best posts as voted up by the community.

https://www.reddit.com/r/sysadmin/gilded