the.techy.dstro // writing it down so i don't forget.

1. Create and add the new disk in virtmgmt.msc
2. Add the appropriate line to your VM reconstruct script:
   Add-VMHardDiskDrive bowser SCSI -Path D:\vhd\Bowser-MediaFiles.vhdx
3. RDP or VMConnect to the VM:
   diskpart
   list disk
   select disk (id)
   online disk
   attributes disk clear readonly
   clean
   convert gpt
   convert dynamic
   create volume simple
   list volume (Make sure the new one is selected)
   format fs=ntfs label=(label) quick
   assign
   list volume (discover the drive letter)
4. Share 'er out:
   mkdir X:\m
   New-SmbShare -Name Media -Path X:\m

1. Download RubyInstaller and Development Kit.
2. Install RubyInstaller into a path with no spaces.
3. Unpack the Development Kit into C:\devkit.temp.
4. Open the Ruby cmd prompt elevated. cd \devkit.temp and run:
   ruby dk.rb init
   ruby dk.rb install
5. Install Aptana Studio
6. Install Heroku Toolbelt

I only have a single domain admin account on my home domain. It's the only account that is Domain Admin/Enterprise Admin/etc. Then, I have another account for administering machines, that has local admin on all my machines. Then, there's a normal, unprivileged account for me and each of my roommates/friends.

To keep my machines safe and isolated, I've got the following in a GPO, targeted at clients & member servers:
Deny logon locally/via Terminal Services: Domain Admins

This seemed like a great policy.

And then I installed a second DC.

Apparently some people have found this site. One such person emailed me to ask how to remove IE 9 on Win7 machines that came with it preinstalled.

I started with the standard disclaimers, because if you start by explaining how to treat the symptoms, they'll usually stop reading without considering how to treat the root cause.

Step 1. Upgrade the software to a version that works on IE8.

When I get this error message, it's usually because BIND has stopped delegating to the AD DNS server.

To confirm whether this is the cause, try to ping your dc.yourdomain.com. You should get NXDOMAIN. If this is the problem, restart BIND while the AD DNS server is running.

(If this isn't the problem, time skew may be the cause. Ensure that the date and time on the DC, the client, and the server are all synchronized.)

If you get a stack from someone with huge offsets and perhaps lots of DllGetClassObject, here's how to look up the info in the symbols after the fact.

1. Open the dll or exe as a crash dump in Windbg.
2. Unassemble the lame offset in question.
   • 0:000> u module!DllGetClassObject+0xf829a
   • module!TheRealFunctionName+0x41 [d:\src\path\to\code.c @ 123]:

"Configure Your Server" turned into "Initial Configuration Tasks" in Server 2008. If you've hidden it and you want it back (because it gives easy access to important tasks, run:

oobe.exe

Client Workstations:
select * from Win32_OperatingSystem where ProductType = "1"

Domain Controllers:
select * from Win32_OperatingSystem where ProductType = "2"

Domain Member Servers:
select * from Win32_OperatingSystem where ProductType = "3"

For a Nessus scan to run successfully, the following network, scanner, and target computer(s) configuration items need to be satisfied:
• Network and host firewalls, if involved, must allow:
o NetBIOS ports to pass between Nessus scanner and target. These ports include TCP 139 and 445, but may also include other authentication ports (e.g. Kerberos requires UDP and/or TCP 88 as well).
o Any ports needed for services and application checks (e.g. FTP, HTTP, HTTPS, SQL, etc.)
• The Windows Management Instrumentation (WMI) service must be enabled on the target computer(s)

Geez people, figure it out.

Setup is a noun, naming a process; set up is a verb; set-up is a participle (so, something that has been set up).