• Tactical RMM is a free, Open Source remote monitoring and management tool for Windows. Among the many features it supports are remote desktop control, real-time remote shell, Windows patch management, remote software installation via chocolatey, and software and hardware inventory.

  • You have to set the CRL distribution point in the CA certificate also, then put the CRL in your Web root of Web Enrollment.


  • Yes, you can keep it on the DC. You don’t need to install XCA since it’s portable. If you are running a virtual environment it is convenient to create a detachable hard drive which you can use to keep XCA and its database on it.

  • When Active Directory Certificate Services are deployed, Microsoft recommends at least a two-tier infrastructure, comprising a root CA and a subordinate CA. For security reasons, it’s recommended to keep the root CA offline. Since the root CA is used only for signing the intermediate CA certificates, many sysadmins don’t like the idea of burning a Windows license for a powered-off server. A convenient solution is to use a non-MS offline CA.

  • WPKG is a simple and powerful open source solution designed to deploy software on Windows machines without repackaging installers. It can be used to deploy many formats of installers (MSI, NSIS, Install Shield, and Inno Setup), and it can execute commands and scripts. In this tutorial, we’ll see how to set up a WPKG environment in Active Directory.

  • Riccardo Bicelli liked Leos Marek (Rank: Level 4)
    comment. (So far, Leos Marek (Rank: Level 4)
    has 1 likes for this comment) 1 year, 7 months ago

  • Every now and then, a sysadmin has to deal with SQL Server backups. In this article, we’ll set up, and hopefully forget, a simple but effective backup strategy for SQL Server databases, using only the best backup system for SQL Server: SQL Server itself!

  • Maybe you could look into LPIC DevOps Tools Engineer. https://www.lpi.org/our-certifications/devops-overview

    I think is pretty new because there are no study books ready. When buying LPIC-101 and LPIC-102 exam vouchers I got the DevOps tools voucher for free but it seems there’s a lot of study to pass the exam, since there are plenty of technology and tools involved, from Ansible to K8/Docker Swarm, etc. However I think this is a good base for understanding the devops world and be confident with contemporary and future tools.



  • In this howto, I’ll explain how to create a basic ADMX template from scratch and use it in a working example. When I was writing my first application that works with GPOs, at the point of writing my first ADMX template, I realized that ADMX Migrator from Microsoft didn’t work as expected. So I dug through official documentation, reverse engineered some existing templates, and found a way to write my own templates.

  • Let’s Encrypt offers a free, easy way to have SSL certificates that are generally secure and don’t produce warnings in your browser. However, with certificates expiring every 90 days, manually updating them could become a tedious task, even more so if you have to deploy the same certificate on multiple machines. In this guide, we’ll see how to auto-update certificates on multiple machines in a typical Citrix XenDesktop/XenApp scenario, using Ansible and some scripting.

  • 1) In this case settings are defined in the tool. Security is a link that unfortunately can’t be overridden. If you want the user to have calculator, notepad, etc… you’ll have to define them in composer.

    2) You can avoid agent install by putting the agent folder on  an UNC path (i.e. mydomainnetlogoncomposeragent and in the GPO call the executable. But you have to call the after-installation steps of agent in computer logon scripts (i.e. mydomainnetlogoncomposeragentcomposeragent.exe -install ), which creates the DesktopComposer Local user groups and sets ACLs on Common start menu folder.

  • Hi Leos! Glad to be here 🙂

    Installation of agent isn’t strictly required, It is just for convenience because the installer does some tasks, like setting ACL on all user’s menu and adding a user group to the system that can be done also in a machine login script GPO (by calling %agentexecutablefullpath% -install).

    Start menu items defined in Composition file will replace both the common start menu and user’s start menu. At startup the agent takes a backup of initial user’s start menu, which will be restored at logoff, when agent is called with switch -decompose.


  • DesktopComposer is an open source tool that simplifies Start Menu and Desktop shortcut deployment in Windows 10, Windows Server 2016, and Windows Server 2019 with Group Policy.

  • Riccardo Bicelli changed their profile picture 1 year, 10 months ago

© 4sysops 2006 - 2022


Please ask IT administration questions in the forums. Any other messages are welcome.


Log in with your credentials


Forgot your details?

Create Account