Dear Experts,

I am trying to formalize our server update procedures.  Since the existing procedure was not created recently, I would like to bring it to date.
We have a WSUS server, and I was thinking of using Group Policy for deployment.  (right now, we are using SolarWinds patch manager, and manually pushing the patches every week)
I am only including Microsoft Windows Server and SQL Server updates, and we have test server group we can use first before rolling out to production.
I would like to know what would be the more recent best practices for:

1. How long I should wait to deploy the patch after it comes out. (Unless it is Zero-day security category)  
2. How should I track the success/failure rate, besides going through WSUS app report on the WSUS server.
3. What should be the Automatic Approval policy?  Always with Critical patches?
4. Is there a better way rather than using GPO?

Please advise.  Thank you.
Our audit mandates that an SQL account used by SolarWinds must have
its password expired periodically (eg: every 60 days) even tho we convey
it is a service account.

a) if we forget to change the password prior to expiry, service is affected

b) if we try to set it to non-interactive, will get the error in the attached

In UNIX nagios, I have a tool "changepass" that could change the password
of the nagios interactive account periodically which I could place in crontab
to set the password to an encrypted password ie if this password is seen
by an unauthorized party, he still need to decrypt it.

Thus, I plan to set this MS SQL account's password to expire every 60 days
& then set a script in task scheduler (or some sort of automated periodic
job in MS SQL/Windows) to do something like:
   net user /domain  SolarWindsOrionDatabaseUser  F1xedP@ssw0rd
(above command is for Windows, so I'll need equivalent for MS SQL).

Certainly using the scripted/automated way of changing the password
(including re-using back the password ie bypassing the password
  history should not result in the password being expired: I know this
  is against password history but I would still want it this way, pls.
  When we have time/remembers, we'll go into the script to change
  the password to be set in the script)

Certainly the script has to be non-readable or the password
F1xedP@ssw0rd   is the encrypted password so that if it's leaked/
seen, no harm.
We use SolwarWinds software to push microsoft updates and patches to computers in the network.  It is set at 3am each night to check and install.  I have a few computers where a message comes up that says "your IT admin has initiated and update you have 2 minutes before reboot."  Something like that.  Is this message coming from the SolwarWinds software and initiating the update or from Group Policy or AD?
I am trying to backup my FMC4500 to my SCP Server. I am running Windows 10 with SolarWinds SCP Server.

1. I have any/any on windows firewall
2. I can successfully SCP configs and backups from other devices (ASA's and Switches) to my SCP Server
3. I am trying to setup Remote Storage Device under System Configration. It will NOT successfully test.
4. I have tried running the backup and copying file remotely to SCP Server. The backup with run successfully, but the SCP copy will fail.
5. See my screen shot.ScreenShot1Screenshot2
On my lap ASA, I can successfully copy files from my ASA to my SCP Folder using SolarWinds SCP Server. The problem I am having is copying files from my SCP Server to the ASA using CLI. IT fails to copy do disk0:/ on the ASA.

 I can see the file being copied from the SCP Server via the SCP Log:

      10/23/2019 12:19 PM      Unknown      Authenticated user cisco from IP
      10/23/2019 12:19 PM      Unknown      User cisco from IP downloading file at "TestFile.txt".

 See the information below:

ciscoasa# copy scp://cisco:cisco@ disk0:/TestFile.txt

Address or name of remote host []?

Source username [cisco]?

Source filename [TestFile.txt]?

Destination filename [TestFile.txt]?

Accessing scp://cisco:cisco@
%Error reading scp://cisco:cisco@ (Success)
I need to restart a service on a Windows 2016 Server - Globalscape EFT because almost every 24 hours the Logon USer ID for the service loses its "run as a service" right. Right now We're fixing it manually as it occurs by stopping the service and then going to the Log On Tab and reentering the password for the User which generates a popup of "Run as a Service granted" or something close to that. We then Start the Service and all is well for a time. Our main issue is if the right goes away at say 9pm and we don't have an admin in until 9am the next morning its down all night meaning noone can up or download data in the environment. In a 24/7 Health Insurance setting this is not good business. Ideally we'd love to somehow hook the method of doing this to SolarWinds so it can monitor the service and see when the SFTP goes down and then execute the batch file or PowerShell Script thuis minimizing the down time. Short of that we'd run it probably once every 2-4 hours and just have to live with the 0-4 hour downtime - not ideal but better than we have now which is a totally manual process that waits to  hear from a user that its down.
Hi Folks,

I'm new to this so apologies for this silly/easy question!

I’m running a trial version of Solar Winds in my environment more for my own education than anything but with the possibility of using it long term to monitor my environment.  I’m not sure if I have set it up correctly but I can see top conversions from my core switches, which equate to 7GB of data for one day but yet when I run the utilisation reports, I’m only seeing peeks of 14MB on a 50MB internet pipe….what am I doing wrong?

I would like to see how my switch is performing and the volume of traffic going out a particular port for any given day -  in a graph, so I can see when it peaks etc?

I'm not able to find how I'm able to connect with my network shared drives over the internet at home. I couldn't find anything in network adapters. Only thing I can see below application
in programs and files.
SolarWinds Take Control Viewer for n-Central
Windows Agent

Is there any way we can find out how the VPN is working?

Vendor is also puzzled and have nothing to say
Hi -

I am currently reviewing RMM systems, namely Datto, Ninja and Solarwinds.
I am an IT consultant aimed purely at small business support. Does anyone have any general feedback on their experience with either of these RMM solutions?

I'm looking for something that can help me identify stale folders within my Windows shared folders. All the software I've come across are catered to IT Security Audits so most of the reports that are generated from them are granular and are focused on file access.

I need something that can generate a report that shows least company accessed FOLDERS so I can create a plan on how to archive stale files and folders.

Has anyone had similar experience with cleaning up file and folder shares for an entire organization and what were the tools you ended up using to help you get to your end goal?

For what it's worth, I've already tried using SolarWinds ARM product and Windows FSRM. Both give granular reports down to the file level access within shared folders.

Thanks in advance.
Dear experts,

I have a network with Servers and end points that need to communicate via IP and TCP ports. I would like to add these IPs to our SolarWinds management, can I also monitor TCP specific ports connection.

On the network or server how can I find how many TCP ports are established between the server and clients.

Any Feedback will be appreciated.
We are looking for a network monitoring and configuration management tool. More than 90% of our network is HPE (Prourve)/Aruba, and we use Infoblox IPAM.

The options we are looking at currently are HPE IMC, Infoblox NetMRI and SolarWinds.

At the moment cost has priority over nice to have features, so cut down versions of the above would also be one way to go. We have bout 600 switches and growing.

What we absolutely need in terms of features:

device inventory
device state  - basically being able to see if a switch is down
switch configuration backup as a scheduled task

Provided the above is covered, it would be nice to have:

network map with L3/L2 overlays
loop detection
device configuration compliance (to a set of policies and/or predefined baseline configuration)
device configuration comparison (side by side)
device configuration deployment
firmware inventory
firmware installation

Anything else that would be useful that you can recommend?

Thank you!
Solar winds IPMonitor 10.

Is there a way to export all devices to a list in Excel/CSV?
We use N-Able to manage our clients with MSP SolarWinds for remote control of the client.  Somehow now when using MSP Remote Access, when it is ready to launch a session it forces Vmware Fusion on my Mac to start up which of course it is not.  I'm not certain if it is a java based viewer or what but I'm unable to find out what it is supposed to load and until I do I'm stuck using another remote control tool.  Anyone out there who uses MSP Solarwinds?

I wanted to know how to configure a cisco router/switch to use a Kiwi or Solarwinds for logging purposes?  I also wanted to know how to configure Radius on Cisco devices as well?
hi guys

So I got some help from EE experts to run a command in Exchange shell to export all mailbox statistics/data.

One of the important things is for me to work out the LastLoggedOnTime so that I can segregate the oldest mailboxes from the actively used ones.

I ran a tool called Inactive Users Tool by Solarwinds and exported it. When I compare the last logged on time of one user from the Exchange shell formula to the data exported from the Solarwinds one, they are different. I have many users who have not logged on for years, but somehow are showing as two days ago in the Shell statistics.

Perhaps the Solarwinds tool is using the Inactive users by looking at a different attribute?

Any ideas on why that would be?

Thanks for helping
We purchased some new Dell PowerConenct N4032 switches and I want to configure them with SNMPv3 to talk to our Solarwinds product. However, I cant seem to find a solid post or instructions on how to do this. The solarwinds part all i need to do is give it the IP of the switch, but I'm lost on the switch configuration. I want it to be secure but i don't need anything complicated. I have never setup a V3 of SNMP.
$Mount Drive Monitor is above threshold and currently 2 from solar winds

this is for my mail box server

what does this mean
A few years back I had SolarWinds Real-Time NetFlow Analyzer working with my Cisco 3750x switch. Recently we had some suspicious traffic so I installed a new version of the software on a Win 10 machine. I can connect through the software to my switch, I can see all of the interfaces but none of them show NetFlow enabled. When I click on the interface I want to monitor then click "Start Flow Capture" I get a 'NetFlow is not detected on the selected interface'.

How do I get this port configured correctly to capture NetFlow data?

Additional Facts:
IOS version 15.0(2)SE6

Config on switch:
int gig <port to be monitored>
ip flow ingress
ip flow egress

ip flow-export source <port to be monitored>
ip flow-export version 5
ip flow-export destination <IP of my Win 10 machine> 2055

Open in new window

Per this thread- https://thwack.solarwinds.com/thread/20498 
I tried to run the ip nbar protocol-discovery and the ip route-cache flow on the port to be monitored. Neither of those commands were accepted on that port.

Any help is appreciated.

I've had users on other forums attempt to help me by pointing me to towards flexible netflow configurations that use the command ip flow monitor <name of monitor> input applied to the interface they want to monitor. My switch does not allow flexible netflow to be applied to non-service module ports. What I'm trying to monitor are the standard gigabit interfaces.

The netflow commands I can apply to those standard interfaces are those listed above: ip flow ingress and ip flow egress. How do I get netflow analysis that way?
I converted the FTP SERVER to use SFTP. I am able to connect using winSCP but it always put me into the root directory. How i view my my virtual directories int he FTP.
I install solarwinds free sftp the server.
I need my ftp users to be able to reach their proper directories. what i can do now?
I have been using KiwiSys Logs for some time now for network logging.

I'd like to send Windows Event Logs to KiwiSysLog server BUT i cannot get the "Security" to populate in the "matching events records" section.

I'd like to log event 4624 which is for logins .. when I select "Security" from my tree on the left and all default values on the right -- I get nothing populating in the preview of matching event records.

I untick security, tick "System" and that loads events? Maybe I'm missing something but any help is much appreciated.

Thank you
This maybe a stupid question, however I want to make sure.

If I run a port scan utility, say from SolarWinds for example against a Cisco ASA, will this trigger any kind of threat response from the ASA?  IE will it black list the IP for a short time that is running the port scan?  Are there other ramifications for doing this?

I am thinking it will just drop the traffic or perhaps do nothing, but I am not well versed on what it will do.

Thanks for the feedback.
Downloaded Solar Winds inactive user account removal tool and ran it on my Windows 2008 Server.  On the last logon column, it shows the entry of "Never Logged in"  Does this mean I can remove all of these users that say this?  I ran this as "inactive since 1/1/2017
Appreciate step by step guide on how we can use Solarwinds to

a) issue commands in batch (ie to all the hundreds of servers & Cisco devices)
    & collect back the outputs all in one file   : I used to have one HP central management tool that could do this

b) the OS commands I plan to send out are:
   Windows are :  "hostname; wmic qfe list"
   Solaris are     :  "uname -a; showrev -p"
   Cisco are       :  "hostname; show ver"

Our MS SCCM is used for PCs only so can't use it
Hi all,

I created a rule in Exchange 2010 HT that prepends subject line for all emails coming in from outside the organization. The rule is working fine. But we have our internal solarwinds monitoring server that sends an email whenever a server goes down or gets rebooted and emails from solarwinds are getting their subject lines prepended which probably means that for the Exchange server, those emails qualify as coming in from outside the organization.

Any idea why is that happening ? That server is using an email address to deliver email alerts.

Thanks and Merry Christmas.


