I needed to change the firewall profile for a network adapter from public to private in windows server 2012. The only way I could work out to do it was using the following registry edit:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\Profiles\{}

The value of Category is set as follows for the firewall profile:

Public = 0
Private = 1
Domain = 2

You need to match the detected network setting with the ProfileName key under the GUID, and modify the Category value as required.

I came across an issue after adding too many network interfaces to an ESXi server where the network interface started getting high packet loss. I found error messages similar to the following in the vmkernel log:
2014-01-29T16:14:48.355Z cpu7:8768)MSI: 541: Couldn't allocate a vector number 0 for device 00:01:00.0

The first part approximates the number of whole weeks with a margin of error of maybe adding an extra week
The second part adjusts for the remaining days, and corrects the first part if it adds an extra week.

SELECT (FLOOR((datediff(day, @Start, @End) - DATEPART(dw, @End) + DATEPART(dw, @Start)) / 7) * 5) + (DATEPART(dw, @End) - DATEPART(dw, @Start) + 1 + CASE WHEN DATEPART(dw, @Start) = 1 THEN -1 ELSE 0 END + CASE WHEN DATEPART(dw, @End) = 7 THEN -1 ELSE 0 END)

the following powershell can be used to find all VSS scheduled tasks and alter the minutes to a random value.

$TaskService = new-object -comobject "Schedule.Service"
$TaskService.Connect()

$Folder = $TaskService.GetFolder("\")
$Task = $folder.GetTasks(0) | where {$_.Name.StartsWith("ShadowCopyVolume")}

if($Task.GetType().BaseType.Name -eq "Array") {
exit 1
}

$SetMinute=Get-Random -Minimum 1 -Maximum 59
$TaskDef=$Task.Definition

When using IPSEC, I prefer to use tunnel interfaces so you can route traffic normally across the tunnel and use BGP/OSPF to transfer routes between sites. I managed to get this working from Linux to Cisco as follows, with redundant DSL connections (yuo can adjust to suit your environment):

On the Cisco router:
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
lifetime 3600

crypto isakmp key Pre-Shared-Key address Linux-IP-Address no-xauth

I have been looking after QoS settings on a site using a Cisco router for a number of years, and had issues with it not doing what I expected. The design was to use a hierarchy to guarantee bandwidth to certain classes of traffic, but allow all traffic to use the full bandwidth if other classes did not need theirs. I discovered that you need to apply the service-policy to the ATM PVC (for a DSL WIC) in order for it to work as expected, and NOT to the dialer interface. The config I used is below:

Before you begin:

Like any storage device, disk configuration is a factor, including:
• Disk speed (SSD/15k/10k/7200)
• RAID Level
• Write-back cache (Hardware RAID with BBU, Linux bcache, EMC FAST cache)
• Memory for read cache

In addition for the above, dedup appliances need RAM to store the contents of the hash. For SDFS the rule is:
• (volume size / chunk size) * 25. This equated to 256MB per TB for a 128k chunk size, and 8GB per TB for a 4k chunk size.
• You also need CPU to process the data

I recently had to set up CRM 2011 with ADFS and had some issues with authentication. The key things I would like to note are:
1 - The URL for ADFS can be anything as long as the SSL certificate used on the web site matches the hostname
2 - In order to authenticate on the internal CRM URL, the client must not hit the ADFS proxy.
3 - In order to be able to visit the site externally, the user must visit hostname.crm.domain.name

To add a domain to an IE zone using GPO for all users on a computer without locking the settings, you can do the following:

Open the GPO that you are adding the setting to. The GPO needs to apply Machine Settings to the machines in question

Run the following command to change a windows domain controller to use NTP:

w32tm /config /manualpeerlist:"server1 server2 server3" /reliable:yes /syncfromflags:manual /update