Domain Controller – accessing the Group Policy of a Windows Server 2019 Active Directory domain controller

Before I enabled AD DC in my Windows Server 2019, I had changed some objects in Group Policy Editor (gpedit), but after I turned the server into an Active Directory domain controller, I can not remember how to access the local gpedit should. mmc.exe does not work.

I know how to use the new Group Policy Management to set policies for other computers in my domain, but I do not know how to set policies for my own server AND access the server's previously-modified Group Policy settings before it's turned into a server AD DC.

Enter image description here

My problem is just that. I do not want my server trusting all hosts

Enter image description here

There is a * and the source is a GPO, but all three of my group policies show:

Enter image description here

Enter image description here

Enter image description here

As you can see, they are all set to unconfigured and I can not find the source for it. *

When I type mmc.exe in run in server, I get the following:

Enter image description here

How can I fix this?

Signature on VERY active forum for 7 months for 1 US dollar

Signature on VERY active forum for 7 months

Example of one of my topics and the number of my posts and answers and signature here

Profile statistics:
I currently have over 68000 posts.
I do over 1000 posts a week.
senior members
Accession date: May 2015

Website statistics:
Almost 8,000 members and 124,000 jobs
Over 50 new members and 1,000 posts per day.
One of the largest and most active forums in the world.

7 months in just a dollar


python – Django's automatically logged-off inactive user will still be shown as an active user

I'm working on a project with Python (2.7) and Django (1.11), where I only need to display logged in users for a specific function.

I have managed to deregister the user through the following settings

LOGOUT_REDIRECT_URL = & # 39; login & # 39;

and I have to get active users of the type driver What do I get as:

def get_all_logged_in_users ():
# Query all non-expired sessions
# In the latest versions of Django, use () instead of ()
sessions = Session.objects.filter (expire_date__gte = ())
uid_list = []

    # Create a list of user IDs from this query
for session in sessions:
data = session.get_decoded ()
print (data)
uid_list.append (data.get ('user_id', none))

# Query all registered users based on the ID list
Return user_table.objects.filter (id__in = uid_list, user_type = & # 39; driver & # 39;)

It worked until a few days ago, but suddenly stopped working. If I update the page after the time SESSION_COOKIE_AGE it redirects to the login page, which is the perfect one in the database is active this is still for this user True and it is still displayed in get_all_logged_in_users,

How can I solve this problem?

SQL Server permissions for Intellisense for an Active Directory user?

I created an Active Directory group and created it as a user. We call it "AD SQL" in my database. I can successfully log in and read / write with Active Directory authentication.

Intellisense does not work for Active Directory users.

Intellisense works fine when I log in with my Active Directory administrator AD ADMIN.

Can someone tell me what permissions / roles / views / etc a user needs to access Intellisense?

My "AD SQL" user has the following roles / permissions:

  • db_owner
  • db_datareader
  • db_datawriter

And I've already tried updating cache / restarting SSMS.

tcpdump – tracking active FTP session data (data channel)

To fix a problem with active FTP, we track the active FTP session traffic with tcpdump running in a Toolbox container on a GKE node. The active FTP session fails on the data channel.

I am familiar with the differences between active and passive FTP mode (our platform must support both and we use passive mode whenever possible).

To debug the failed active FTP data channel, we track successful active FTP sessions to illustrate the flow in our environment with our FTP server implementation. The problem here is:

Collect packets from the data channel in a successful active FTP session

We looked at this problem and it's similar, but it does not seem to be solved, and our situation may be different. The trace is executed with:

tcpdump -vnn -w 002.pcap -i eth0

The pcap file is then opened in Wireshark. Filtering by the FTP protocol makes the control channel portion of the session clear. FTP client / server communication is expected to occur between the client's short-lived port and server port 21. This flow contains the expected commands for authentication, setting up TYPE I, a CWD in the correct folder, SIZE, PORT, and RETR for the file name.

The PORT command looks good, including the client IP and the port that the server should use in the subsequent data channel portion of the session (to download a file). e.g .:

PORT 1,2,3,4,77,92 

that converts: (77×256 + 92) to port 19804.

In Wireshark, however, after:

(node below refers to the FTP server – only the IP is the node IP on which the trace was executed

Client: 27154> Node: 21 RETR 
Node: 21> Client: 27154 150 File status OK; about to open the data connection.

The only additional captured packets are:

Node: 21> Client: 27154 226 Transfer completed.
client: 27154> node: 21 6 EXIT
Node: 21> Client: 27154 221 Goodbye.

Our FTP server implementation does not use port 20 for the data channel, but a random port. In any case, we expected the server to build the data channel as follows:

Node: > Client: 19804

And one or two extra lines that show the actual transfer.

  • Is the tcpdump filter itself the problem?
  • Something else?

Many Thanks.