jueves, 27 de julio de 2017


Sometimes we need verify if a GPO are applied corretly.
There are 2 good commands very similars to check the GPOs applied in one Host.


Output Screen: "gpresult /V /scope computer | more"

Output HTML file: "gpresult /H c:\rsop2.HTML"


Output HTML file: "Get-GPResultantSetOfPolicy -user domain\user.name -computer MyManchine -ReportType Html -Path C:\destination\rsop.HTML"

Check at Windows 2012 R2
by GoN | Published: July 27, 2017 | Last Updated: 

martes, 25 de julio de 2017

WINDOWS. GPO. Deploy Fonts

Sometime ago was very easy install font at Operating System, you had to copy the font file in c:\windows\fonts, it was very simply. Now there are few changes.

This post explain how to create a new GPO to deploy font at hosts.

[ ] Rename files to cut her name size (max 8 characters)

I copy/rename the "SourceSansPro-Regular.ttf" at "SSPR.ttf"

[ ] Create a public folder for distribte the new file fonts.

Users need to be able to read this folder.

[ ] GPMC.msc. Now we create a new GPO

Assign GPO to compueter OU.

[ ] Configure parameters:

In "Value Date" the file font name (ex: file.ttf)
In Key Path: "SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts"
In Value Name -> The font name to view at program (EX:"SourceSansPro-Regular" to view at Word program)

[ ] Apply GPOs: "GPupdate /force" or/and Restart the computer "GPupdate /force /sync"

[ ] To check in a destinantion host




Check at Windows 2012 R2
by GoN | Published: July 26, 2017 | Last Updated: July 27, 2017

miércoles, 19 de julio de 2017

WINDOWS. NAGIOS. Several certificates in a same server. Check_ssl_cert

One of my responsabilities is the Certificates Control.
I want to control from Nagios when a certificate expires, the problem was that I didn't found one instruction for this. So I had to improvise.

At this post I explain how to configure one web page for each certificate in a same server for check the certificastes since Nagios with the command: "$USER1$/check_ssl_cert -H $HOSTADDRESS$ $ARG1$ $ARG2$"


[ ] Connect to IIS

At this Server there are 3 Certificates

[ ] Create a new web pague 

You can put something in this configuration

It is important the dates in blue box at this picture. In this example use a port 8003 you can use others ports frees.

I select the certificate number three.

If the IIS show this warning, no problem

The IIS result:

It's not necessary but I configure a simply default pague at new "web servers"



You need the server to verificated  existed.

At this screeshot you can view how to check 3 certificates at same server

 The configuration:

In "Manage Hosts" I assign the server/s for to do a check.

If someone known a system better, please inform me ;-) Thanks.

Check at Windows 2012 R2
by GoN | Published: July 19, 2017 | Last Updated: