Start Here
Insights
Concepts, decision points, troubleshooting patterns, and operator-facing field notes.
Topic Hub
Networking
DNS, DHCP, VPN, switching, proxy, ports, packets, and connectivity diagnostics.
Use this hub as a cross-surface map: start with insights for this topic, then branch into supporting tools, drills, and implementation work as needed.
Related Items144
Best First StopInsights
How To Use This Hub
82 Insights38 Toolchest24 Labs
Support Surface
Toolchest
Checklists, scripts, templates, and evidence packs you can use once the path is clear.
Support Surface
Labs
Hands-on build guides and validation environments for testing ideas end to end.
Insights
Insights that frame Networking
Insightschanges-system-state
.NET Network Path Not Found Error on Windows Server 2016: Troubleshooting Guide
NET network-path triage guide for separating DNS, SMB reachability, firewall policy, share permissions, and application configuration failures.
Insightschanges-system-state
Accelerating Discovery for Stuck Switches in Stack
Use this when stacked switches stall during discovery or initialization.
Insightsread-only
Comparing Robocopy, PowerShell, rsync, and Storage-Native Replication for File Migrations
Use this when you need to choose the right file-migration path instead of defaulting blindly to Robocopy, PowerShell, rsync, or storage replication.
Insightsreview-before-running
Comparing Windows Repair Paths: SFC, DISM, Restore, Rollback, and Reinstall
Use this supporting Insight to compare Windows repair paths before reaching for SFC, DISM, restore workflows, update rollback, or full rebuilds.
Insightschanges-system-state
Error 0x80070490 When Uninstalling Windows Update
Use this when Windows returns 0x80070490 while uninstalling an update.
Insightschanges-system-state
Guide to Disable Hypervisor in Windows for Improved VMware Workstation Performance
Use this when VMware Workstation performance or compatibility problems trace back to the active Windows hypervisor stack.
Insightschanges-system-state
In-Depth Troubleshooting of Windows 11 Update Errors
A Windows 11 update repair checklist covering disk space, service state, component reset, SFC, DISM, software conflicts, and manual update fallback.
Insightssecurity-sensitive
OPNsense WAN DHCP failure after a MAC address or ISP lease change
Use this when OPNsense stops receiving the expected WAN DHCP lease after a reboot, VM move, NIC change, modem/ONT reset, or ISP equipment change.
Insightsreview-before-running
Planning Data Migrations and File Moves Without Creating Validation Gaps
Use this Insight to plan file-share and data migrations around scope, tool choice, validation, rollback, and evidence before running the copy path.
Insightschanges-system-state
Resolving 0x800f0954 Error When Installing .NET Features on Windows Server 2022
NET feature. Check WSUS or policy-controlled servicing first, then validate the feature source path and Windows Update reachability before forcing repair steps.
Insightssecurity-sensitive
Resolving Azure SAS Tokens Returning 403 Authorization Failure
Use this when an Azure Storage SAS URL returns 403 even though the token looks valid.
Insightschanges-system-state
Resolving Semaphore Timeout Period Expired Error When Copying JavaScript Files to Server Share
Use this when copying JavaScript files to a server share fails with a semaphore timeout.
Insightschanges-system-state
Troubleshooting 'Error Reading File Content' in Helm Template on Kubernetes
Use this when Helm template rendering fails with an Error reading file content message.
Insightsreview-before-running
Troubleshooting AADSTS50020 Error in Azure DevOps OAuth App Access for External Accounts
Use this when AADSTS50020 blocks an external or personal account from an Azure DevOps OAuth app in a company tenant.
Insightsreview-before-running
Troubleshooting AADSTS500200 Error When Using Personal Microsoft Account for Azure Resource Manager Access
Use this when AADSTS500200 appears because Azure Resource Manager access is attempted with a personal Microsoft account.
Insightschanges-system-state
Troubleshooting Artifactory JCR 7.125.8 Login Stuck on Pending in Ubuntu 22.04 VM
04, focused on service health, JFrog logs, database reachability, reverse proxy behavior, and restart safety.
Insightsreview-before-running
Troubleshooting AWS Amplify GitHub Repository Reconnection After Ownership Transfer
Use this when AWS Amplify cannot reconnect to a GitHub repository after an ownership transfer or redirect change.
Insightssecurity-sensitive
Troubleshooting Azure Application Gateway: Fixing DNS Configuration to Resolve Internal Container App Connection Issues
Use this when Azure Application Gateway cannot reach an internal container app because DNS or outbound path resolution is wrong.
Insightssecurity-sensitive
Troubleshooting Azure Blob Upload Failures Due to CSP in ASP.NET WebForms
Use this when browser uploads to Azure Blob Storage fail with CSP Failed to fetch errors. config.
Insightssecurity-sensitive
Troubleshooting Azure Function App Publish Failures: 'Value cannot be null. Parameter 'input'' on Windows using PowerShell in Premium or Consumption Plan
Use this when publishing a Windows PowerShell Azure Function fails with Value cannot be null. Parameter 'input'.
Insightssecurity-sensitive
Troubleshooting Azure OpenAI Realtime API Server Errors During Response Processing
Use this when Azure OpenAI Realtime API calls fail during session creation, streaming, or response processing.
Insightssecurity-sensitive
Troubleshooting Azure VM RDP and MSTSC Connection Failures
Use this when MSTSC cannot connect to an Azure Windows VM.
Insightssecurity-sensitive
Troubleshooting Azure VPN Client 3.4.0.0: Resolving Authentication Expiration with Microsoft Entra
Use this when Azure VPN Client reports expired Microsoft Entra authentication.
Insightsreview-before-running
Troubleshooting Blazor WinForms App Launch Errors on Windows Server
Use this when a Blazor WinForms application will not launch on Windows Server. NET runtime, desktop dependencies, permissions, and application logs in the same user context.
Insightschanges-system-state
Troubleshooting Boot Issues in VMware Workstation Pro 17: Encrypted VM with Corrupted Snapshot Disk
A VMware Workstation Pro 17 recovery checklist for encrypted VMs with suspected snapshot-disk corruption, emphasizing evidence collection, disk-chain safety, repair limits, and backup fallback.
Insightsdestructive
Troubleshooting Cisco Catalyst Stack Switch Discovery Issues
Use this when Cisco Catalyst stack members are stuck in discovery or fail to reach Ready state.
Insightsreview-before-running
Troubleshooting Connection Reset by Peer Error in Android VPN App Using SOCKS5 Proxy
Use this when an Android VPN client using a SOCKS5 proxy fails with Connection reset by peer.
Insightsreview-before-running
Troubleshooting CORS Error: Permission Denied for Requests in Chrome on Office Network
Use this when a browser reports a CORS failure only on a corporate or filtered network.
Insightschanges-system-state
Troubleshooting DNS Issues in Docker: Unable to Get Image Due to Lookup Failure
Use this when Docker fails to pull images because name resolution breaks inside the container runtime.
Insightschanges-system-state
Troubleshooting dnsmasq Service Not Loading DNS Servers from /etc/resolv.conf After Reboot
conf after reboot. Verify the resolver file source, service startup order, and competing network-management services before forcing static DNS settings.
Insightsreview-before-running
Troubleshooting Docker Container Communication Issues: Ping vs HTTP Requests
Use this when two Docker containers can resolve or ping each other but application traffic still fails over HTTP.
Insightschanges-system-state
Troubleshooting Docker Container Exit Code 0 and Dependency Failures
Use this when a Docker container exits with code 0 but the service was expected to stay running.
Insightschanges-system-state
Troubleshooting ERR_NETWORK_CHANGED Error on Android VPN Interface
Use this when Android shows ERR_NETWORK_CHANGED after a VPN connects and web traffic drops or resets.
Insightssecurity-sensitive
Troubleshooting Fdrespub and Fdphost Failures in Windows 25H2 (26200.8246)
A focused checklist for restoring Windows network discovery when fdrespub or fdphost will not respond or stay running.
Insightschanges-system-state
Troubleshooting File Copy Failures in Windows Task Scheduler
Use this when a Windows Task Scheduler file-copy job fails with access denied, missing paths, or no visible run.
Insightschanges-system-state
Troubleshooting File Deletion Issues in PowerShell: Unable to Delete Opened Files
Use this when PowerShell cannot delete a file because another process holds it open.
Insightsreview-before-running
Troubleshooting Flutter Android Emulator VPN Connection Issues for Host Lookup
Use this when a Flutter Android emulator loses host lookup or app connectivity behind a company VPN.
Insightschanges-system-state
Troubleshooting Flutter Doctor Timeout in Docker VSCode DevContainer
Timeout issues with Flutter Doctor in a Docker VSCode DevContainer can often be resolved by checking network settings and adjusting resource limits.
Insightsreview-before-running
Troubleshooting Flutter Installation on Windows: Cannot Find flutter.bat
bat after installing or extracting Flutter. Check the unzip location, PATH update, PowerShell session state, and duplicate SDK folders before reinstalling Flutter.
Insightschanges-system-state
Troubleshooting Flutter on Windows: Symlink Support and ms-settings:developers Command Issues
A Windows Flutter setup checklist for Developer Mode, symlink support, PowerShell launch behavior, and plugin build validation.
Insightssecurity-sensitive
Troubleshooting FortiClient SAML Authentication Errors for IPSEC VPN Connections
Use this when FortiClient IPsec SAML auth opens a browser flow and then reports that the page cannot be reached.
Insightschanges-system-state
Troubleshooting Gmail 550 5.7.25 Error: PTR Record Mismatch for Sending IP
25 reverse DNS failures, focused on PTR alignment, SMTP hostname evidence, DNS ownership, and safe provider-side changes.
Insightsreview-before-running
Troubleshooting IPsec Connectivity Issues on pfSense with DrayTek
A pfSense-to-DrayTek IPsec triage guide for one-host reachability failures, focused on tunnel state, phase selectors, firewall rules, routing, NAT overlap, and packet-path evidence.
Insightsreview-before-running
Troubleshooting IPSec VPN Issues on FG-90G Firmware 7.4.11
11, covering phase negotiation, routing, policies, and packet-flow validation.
Insightsreview-before-running
Troubleshooting Keyboard Lights Not Working in VMware Workstation
Use this when keyboard backlight or LED behavior stops matching expectations inside VMware Workstation.
Insightschanges-system-state
Troubleshooting Keycloak Startup Issues on Azure Container App Due to Probe Failures
Keycloak may fail to start on Azure Container App due to health probe misconfigurations or resource limitations.
Insightsreview-before-running
Troubleshooting KMP Windows Run Failure with Navigation3
Use this when a Kotlin Multiplatform Windows build or run path fails around Navigation3 integration.
Insightschanges-system-state
Troubleshooting Kubernetes Webhook Timeout: No Endpoints Available for AWS LB Controller and External Secrets during ArgoCD Sync
Use this when ArgoCD sync stalls on webhook timeouts or no endpoints available for the AWS Load Balancer Controller or External Secrets.
Insightsreview-before-running
Troubleshooting LACP Sub-Interfaces Communication Issues with Core Switches
Use this when LACP sub-interfaces cannot communicate through the core switch. Validate bundle membership, VLAN tagging, native VLAN behavior, and switch-side LACP state.
Insightschanges-system-state
Troubleshooting M365 Domain DNS Setup Issues
A Microsoft 365 domain DNS checklist for validating ownership, MX, Autodiscover, SPF, Teams/Skype records, propagation, and rollback before changing production mail flow.
Insightschanges-system-state
Troubleshooting MCP Server Connection Issues with VS Code Continue Extension on Windows WSL2 Using Ollama
Use this when the VS Code Continue extension cannot connect to an MCP server on Windows WSL2 while using Ollama.
Insightschanges-system-state
Troubleshooting MQL5 SocketConnect Error 4014 When Connecting to Local TCP Server
Use this when MQL5 SocketConnect returns error 4014 while targeting a local TCP service.
Insightschanges-system-state
Troubleshooting Nginx Multi-Domain App: Resolving Too Many Redirects Error on Linux
A Linux Nginx redirect-loop checklist for multi-domain applications, focused on server blocks, proxy headers, app URL settings, cookie scope, cache layers, and log validation.
Insightschanges-system-state
Troubleshooting No Endpoints Available Error for DTC Between Domain and Non-Domain SQL Servers
Use this when DTC between domain and non-domain SQL Servers fails with No Endpoints Available.
Insightssecurity-sensitive
Troubleshooting NuGet Source Addition in Dockerfile for .NET Applications
NET Docker build cannot add or use a NuGet source during image creation.
Insightsreview-before-running
Troubleshooting OpenSSL Build Failures in msquic via PowerShell During Cross Compilation
Use this when an msquic-driven OpenSSL build fails in PowerShell during cross-compilation and the output points at Perl or build-tool dependencies.
Insightschanges-system-state
Troubleshooting PowerShell Get-ADUser Published Certificates Import Error
Use this when a PowerShell workflow reading published certificates from Get-ADUser returns import errors or empty values.
Insightsreview-before-running
Troubleshooting PrincipalContext.ValidateCredentials Issues on Windows 11
ValidateCredentials starts failing on Windows 11 for a path that used to work.
Insightschanges-system-state
Troubleshooting RDP Disconnections on Windows Server 2025 due to Security Group Misconfigurations
Use this when Windows Server 2025 RDP sessions disconnect unexpectedly.
Insightschanges-system-state
Troubleshooting RDS Broker Connection Issues on Windows Server
Use this when Windows Server users cannot reach the expected session host because the RDS broker is not routing connections correctly.
Insightssecurity-sensitive
Troubleshooting RustRover Remote Docker Connections over SSH
Use this when RustRover cannot connect to a remote Docker host over SSH.
Insightsreview-before-running
Troubleshooting Secure Boot 2026 Certificate Rollout Stuck on VMware VMs
Use this when VMware VMs stall or fail around the Secure Boot 2026 certificate rollout.
Insightsreview-before-running
Troubleshooting SQL Server BACPAC Import Error: Foreign Key Constraint Conflict SQL72014 Msg 547
Use this when a SQL Server BACPAC import fails with SQL72014 Msg 547 and a foreign key constraint conflict.
Insightsreview-before-running
Troubleshooting SSH Connection Issues in Vagrant VM with Ansible through WSL
Use this when Ansible running through WSL cannot SSH into a Vagrant VM during provisioning.
Insightschanges-system-state
Troubleshooting SSH Connection Issues on Ubuntu 24.04 After Using VS-Code Remote-SSH
04 breaks or becomes unstable after VS Code Remote-SSH use.
Insightschanges-system-state
Troubleshooting Tailscale Installation Errors on Linux Mint 22.3 Zena
Use this when Tailscale installation fails on Linux Mint. Validate the repository source, package dependencies, service state, and network path to the package mirror.
Insightschanges-system-state
Troubleshooting Terraform Errors with Databricks RFA Access Request Destinations
Use this when Terraform fails on Databricks RFA access-request destinations because provider blocks or schema expectations do not match the target resource.
Insightschanges-system-state
Troubleshooting the NVLDDMKM Not Found Error in Windows 11
A practical NVIDIA driver troubleshooting path for Windows 11 systems reporting NVLDDMKM-related failures.
Insightsreview-before-running
Troubleshooting VMware Workstation Pro Error 0xc000007b on Windows
Use this when VMware Workstation Pro fails to launch on Windows with 0xc000007b.
Insightschanges-system-state
Troubleshooting VSCode SSH Connection Issues to CentOS: Failed to Parse Remote Port from Server Output
Use this when VS Code Remote SSH reports that it failed to parse the remote port from server output.
Insightsreview-before-running
Troubleshooting Windows 11 Restore Recovery Failures
Use this when Windows 11 recovery or restore will not complete. Confirm hardware support and free disk space first, then try built-in repair tools or clean recovery media.
Insightschanges-system-state
Troubleshooting Windows Admin Center Tool Extension Environment Setup Issues
Use this when the Windows Admin Center tool extension environment fails to install, load, or build correctly.
Insightsreview-before-running
Troubleshooting Windows Installation Failure at 75%
Use this when a Windows installation stalls or fails around 75 percent.
Insightschanges-system-state
Troubleshooting Windows Update Reports That Stop Updating
Use this when Windows Update or patch compliance reports stop refreshing.
Insightschanges-system-state
Troubleshooting WinRM Connection Issues Between Specific Servers
Use this when WinRM works generally in the environment but fails between specific servers.
Insightsreview-before-running
Troubleshooting Write Permission Issues for USB 3.2 Devices on VMware Fusion
2 device attached through VMware Fusion is readable but not writable. Check host permissions, VM USB ownership, filesystem state, and guest mount behavior.
Insightschanges-system-state
Troubleshooting WriteFile Failure on Windows When Network Share is Disconnected
Use this when a WriteFile operation fails because a Windows network share disconnects mid-workflow.
Insightsreview-before-running
Troubleshooting Zscaler ZCC VDI Intune Win32 App Command-Line Limit Failures
Use this when Zscaler Client Connector VDI deployments fail as Intune Win32 apps and the install command may be too long, malformed, or unstable under IME system context.
Insightschanges-system-state
Troubleshooting: Stuck on 'Can't Connect to This Network' during Connection Attempt
Use this when Windows gets stuck connecting to Wi-Fi and then reports it cannot connect to the network.
Insightschanges-system-state
Troubleshooting: Unable to Exit S Mode on Windows 11
Exiting S Mode in Windows 11 is a straightforward process that involves accessing the Microsoft Store and following specific prompts.
Insightsread-only
Validating File Migrations Before Cutover and Proving the Target Is Authoritative
Use this when you need a validation model that proves a migrated target is ready before users, apps, or cutover steps depend on it.
Insightsread-only
Windows Evidence-First Recovery Workflow Before Repair Commands
Use this supporting Insight to gather Windows evidence before SFC, DISM, uninstalls, Safe Mode, or other repair commands change the system.
Toolchest
Toolchest assets for Networking
ToolchestScriptActive Directory and IdentityRead-only
AD stale computer cleanup report
A read-only Active Directory stale computer report for last logon, OU, operating system, enabled state, and cleanup planning.
ToolchestScriptActive Directory and IdentityRead-only
All-DC lastLogon collector and stale-user evidence report
Collect non-replicated lastLogon values from every writable domain controller, calculate the newest observed logon per account, and export evidence suitable for stale-user or stale-computer cleanup decisions without relying on replicated lastLogonTimestamp alone.
ToolchestScriptSecurity and Exposure ChecksRead-only
Authenticated Users drive ACL scanner
PowerShell scanner that checks fixed local drives on Windows servers for root ACL entries where Authenticated Users have broad access. Produces console and CSV evidence so admins can review exposure before any ACL changes.
ToolchestTemplateHybrid Cloud OperationsRead-only
Azure Arc bulk onboarding CSV and logging starter
Reusable starter for Azure Arc onboarding waves using a host CSV, dry-run expectations, per-host logging, and repeatable result tracking suitable for tickets, change records, and post-wave reporting.
ToolchestChecklistHybrid Cloud OperationsRead-only
Azure Arc onboarding preflight checklist
Preflight checklist for onboarding Windows servers to Azure Arc. Confirms supported OS state, outbound connectivity, proxy/TLS behavior, local admin rights, target Azure placement, tagging, pilot scope, and rollback notes before any agent install.
ToolchestTemplateReporting and Evidence PacksRead-only
Azure Update Manager compliance workbook starter
Starter template for an Azure Workbook plus Resource Graph evidence pack that shows patch compliance, pending updates, unsupported coverage, and patch-group drift across Azure and Arc-enabled machines.
ToolchestTemplateHybrid Cloud OperationsRead-only
Azure Update Manager patch wave planning template
Operator-ready planning template for Azure Update Manager patch waves covering scope, maintenance windows, reboot tolerance, exclusions, soak periods, rollback contacts, and stop-go criteria before scheduled patching.
ToolchestTemplateBackup and RecoveryPlanning aid
Backup Restore Drill Evidence Checklist
A restore-drill evidence template for proving backups are usable, measuring recovery time, and turning failed assumptions into repair tasks before an outage.
ToolchestScriptSecurity and Exposure ChecksRead-only
Certificate expiration scanner
A read-only certificate inventory for finding expiring Windows certificate-store items and endpoint certificates before outages.
ToolchestScriptConnectivity and Network TriageRead-only
DHCP scope utilization report
A read-only DHCP scope report that surfaces high utilization, exhausted ranges, and cleanup candidates.
ToolchestScriptWindows Server HealthRead-only
Disk space cleanup candidate report
A read-only disk pressure report that finds likely cleanup candidates without deleting logs, caches, dumps, or user data.
ToolchestChecklistDNS and DHCPRead-only
DNS and DHCP Health Check
A diagnostic DNS and DHCP triage flow that captures evidence, follows decision branches, and explains what each result means before changing anything.
ToolchestScriptConnectivity and Network TriageRead-only
DNS resolution and reverse lookup audit
A read-only DNS audit that compares forward and reverse lookup results across host lists and expected DNS servers.
ToolchestScriptFile, Backup, and Storage OperationsRead-only
File share permission audit
A read-only file share audit that records SMB share permissions, NTFS access, and ownership evidence for review.
ToolchestRecommended toolFreeware Utilities Worth KeepingReview before running
Free network scanner and port inventory guide
A practical guide to free network scanning options for host discovery, port inventory, and safe scan scoping.
ToolchestTemplateReporting and Evidence PacksPlanning aid
HTML operations email reporting starter
Reusable template for infrastructure scripts that produce an HTML email report with summary tiles, per-host results, failure sections, runtime metadata, operator notes, and a plain log. Designed to give admins a repeatable evidence format for tickets, maintenance summaries, and validation drills without embedding unsafe credential handling.
ToolchestScriptWindows Server HealthRead-only
IIS site and binding inventory
A read-only IIS inventory for sites, app pools, bindings, host headers, ports, certificate thumbprints, and content paths.
ToolchestChecklistActive Directory and IdentityRead-only
Inactive AD user disable review workflow
Two-phase review checklist for identifying inactive AD user accounts, validating inactivity evidence, applying exclusions, capturing approval, and preparing rollback details before any disable action.
ToolchestTemplateOperations TemplatesPlanning aid
Incident Note Template
A compact operator note format for capturing symptoms, checks, decisions, and follow-up while the issue is fresh.
ToolchestScriptInventoryRead-only
Installed Application Inventory for Windows Endpoints
A read-only PowerShell inventory starter for collecting installed applications from local or remote Windows endpoints.
ToolchestChecklistApplication HostingRead-only
Internal IIS site rollout checklist
Operator checklist for launching an internal IIS-hosted site with evidence capture for IIS role presence, site folder layout, bindings, app pool identity, DNS readiness, browser validation, and rollback notes.
ToolchestScriptActive Directory and IdentityRead-only
Local administrator group audit across Windows endpoints
A read-only local administrator audit that records privileged group membership across Windows endpoints for review.
ToolchestScriptPatch and Reboot ReadinessRead-only
Pending reboot detection across Windows servers
A read-only pending reboot check for Windows servers before patching, application installs, or maintenance-window closure.
ToolchestScriptConnectivity and Network TriageRead-only
PowerShell server connectivity quick check
A read-only connectivity triage script that separates DNS, ping, RDP, WinRM, and application-port failures before escalation.
ToolchestScriptInventoryRead-only
RADIUS and NPS server detection report
Read-only PowerShell reporting script pattern to identify likely Microsoft NPS or other RADIUS-capable Windows servers using multiple evidence sources: NPS service presence, NPAS role/feature state, IAS/NPS event log activity, UDP 1812/1813 listener evidence, and registry indicators. Designed for migration discovery, audit support, and authentication troubleshooting.
ToolchestChecklistRemote AccessRead-only
RDP Connectivity Checklist
A structured check for RDP failures before changing firewall rules, user rights, or server policy.
ToolchestScriptConnectivity and Network TriageRead-only
RDP failure triage script
A read-only RDP triage script pattern for DNS, TCP 3389, listener state, firewall evidence, sessions, and event logs.
ToolchestTemplateFile, Backup, and Storage OperationsChanges system state
Robocopy job template and log parser
A safer Robocopy job template with dry-run review, log capture, exit-code interpretation, and migration evidence.
ToolchestChecklistMigration and CutoverChanges system state
Robocopy migration cutover checklist and evidence pack
Operator checklist and evidence structure for file migration cutovers using Robocopy. Covers pre-copy checks, dry-run evidence, final sync readiness, exclusion review, validation samples, rollback details, and signoff artifacts suitable for tickets and change records.
ToolchestScriptWindows Server HealthRead-only
Scheduled task inventory and failure report
A read-only scheduled task inventory that highlights failed runs, missed runs, disabled tasks, and ownership gaps.
ToolchestScriptActive Directory and IdentityRead-only
Service account usage finder
A read-only service account discovery pass for Windows services, scheduled tasks, and IIS application pools.
ToolchestRecommended toolFreeware Utilities Worth KeepingRead-only
Sysinternals first-response kit guide
A practical Sysinternals first-response map for process, file handle, startup, network, login, and registry symptoms.
ToolchestRecommended toolMonitoringPlanning aid
Uptime Kuma Monitoring Starter
A simple monitoring starter for internal services, homelab systems, and small-office status checks.
ToolchestScriptSecurity and Exposure ChecksRead-only
Windows firewall rule audit
A read-only Windows Firewall audit that records enabled allow rules, ports, profiles, and address scopes.
ToolchestScriptWindows Server HealthRead-only
Windows server health snapshot
A read-only Windows Server snapshot for uptime, disk pressure, memory, stopped automatic services, and recent critical events.
ToolchestChecklistPatch and Reboot ReadinessChanges system state
Windows Update readiness and repair evidence pack
A patch readiness and repair evidence pack for reboot state, servicing health, update logs, and approved repair actions.
ToolchestChecklistPatchingChanges system state
Windows Update Repair Checks
A staged Windows Update troubleshooting path that starts read-only and escalates only when needed.
ToolchestRecommended toolConnectivity and Network TriageReview before running
Wireshark packet capture triage guide
A packet-capture triage guide for DNS, TLS, DHCP, SMB, RDP, retransmissions, and sensitive-data handling.
Labs
Labs and build work for Networking
LabsStorage and BackupRecovery ValidationIntermediate
Build a Backup Verification Workflow for Hyper-V or Proxmox VMs with Scheduled Restore Checks
Build a backup verification workflow for Hyper-V or Proxmox so restores are tested before an outage forces the question.
LabsNetwork and DNSNetwork VisibilityIntermediate
Build a Home Network Visibility Dashboard with ntopng, Syslog, and VLAN Traffic Summaries
Build a home network visibility dashboard with ntopng, syslog, and VLAN summaries for quick traffic checks.
LabsVirtualization and ContainersDocker StacksIntermediate
Build a Homelab CI Pipeline for Docker Services with Rollback Support
A practical setup for a Continuous Integration (CI) pipeline in your homelab that automatically deploys Docker services from GitHub repositories and includes rollback capabilities.
LabsSelf-Hosted Services and ProductivityService Portals and MediaIntermediate
Build a Lightweight Internal Git and Script Catalog with Gitea
A practical setup for a lightweight internal Git repository and script catalog using Gitea, a self-hosted Git service.
LabsSelf-Hosted Services and ProductivityService Portals and MediaIntermediate
Build a Media Utility Server with Jellyfin
A Jellyfin media utility server with metadata automation, storage hygiene checks, and a repeatable layout for home media libraries.
LabsPowerShell and Admin AutomationReporting and AuditsIntermediate
Build a Patch Compliance Reporting Workflow for Windows Devices Using PowerShell and Scheduled Scans
Build a Windows patch compliance reporting workflow with PowerShell, scheduled scans, CSV evidence, and rollback notes for the scheduled task and local script files.
LabsVirtualization and ContainersDocker StacksIntermediate
Build a Raspberry Pi Container Host with Docker Compose
A Raspberry Pi Docker Compose host with health checks, safer update habits, and a small-service layout that is easy to maintain.
LabsRemote Access and SecurityAdmin AccessIntermediate
Build a Raspberry Pi Travel Gateway with WireGuard for Safe Remote Access to Your Home Lab
A Raspberry Pi travel gateway pattern for secure WireGuard access back to a home lab while away from the trusted network.
LabsPowerShell and Admin AutomationReporting and AuditsIntermediate
Build a Reproducible Devcontainer Environment for PowerShell, Terraform, and Azure CLI
Build a reproducible devcontainer for PowerShell, Terraform, and Azure CLI work so the toolchain is easy to rebuild.
LabsPowerShell and Admin AutomationReporting and AuditsIntermediate
Build a Reusable PowerShell Script for Software Inventory Reporting
Build a reusable PowerShell software inventory script that exports clean CSV reports from Windows endpoints.
LabsPowerShell and Admin AutomationReporting and AuditsIntermediate
Build a Safe File Server Permission Audit with PowerShell
Build a read-only PowerShell permission audit for Windows file shares, export remediation candidates, and preserve evidence for an access review without changing ACLs.
LabsRemote Access and SecurityAdmin AccessIntermediate
Build a Secure Remote Admin Toolkit with Tailscale, RDP Hardening, and Access Controls
A practical build for a secure remote administration toolkit using Tailscale for secure networking, along with RDP hardening techniques and access control measures to ensure a safe remote management experience.
LabsNetwork and DNSNetwork VisibilityIntermediate
Build a Small Office Network Monitoring Stack with LibreNMS, Syslog, and Alert Routing
A practical setup for a small office network monitoring stack using LibreNMS for network visibility, syslog for log management, and alert routing for notifications.
LabsStorage and BackupRecovery ValidationIntermediate
Build a TrueNAS Replication Lab with Snapshot Schedules and Rollback Validation
Create a TrueNAS replication lab with snapshot schedules and a rollback test so you know the backup path works before you need it.
LabsMonitoring and ObservabilityLogs and AlertingIntermediate
Build a Windows Event Log Collector with PowerShell and Scheduled Tasks
A practical build for a lightweight Windows event log collector using PowerShell scripts and scheduled tasks, supporting cleanly incident triage and log management.
LabsVirtualization and ContainersDocker StacksIntermediate
Create a Docker-based Reverse Proxy Stack with Nginx Proxy Manager and Automatic TLS Certificates
Set up a Docker-based Nginx Proxy Manager stack for internal services that need repeatable TLS and routing.
LabsMonitoring and ObservabilityUptime and StatusIntermediate
Create a Homelab Uptime Dashboard with Docker, Grafana, and Simple Service Health Checks
A practical setup for a homelab uptime dashboard using Docker and Grafana.
LabsNetwork and DNSLocal DNSIntermediate
Create a Raspberry Pi DNS Secondary Server with Pi-hole Sync and Failover Testing
Build a secondary Pi-hole DNS node on a Raspberry Pi, sync core configuration from the primary resolver, and prove client failover before changing router DHCP options.
LabsNetwork and DNSLocal DNSIntermediate
Create a WireGuard plus Split DNS Lab for Secure Remote Access to Self-Hosted Services
By completing this guide, you will establish a secure remote access setup using WireGuard and implement split DNS for your self-hosted services.
LabsNetwork and DNSRemote NetworkingIntermediate
Creating a WireGuard Jump Host with MFA-Friendly Access Patterns
Create a WireGuard jump host for remote access that keeps internal services private and leaves room for MFA-friendly access patterns.
LabsNetwork and DNSLocal DNSIntermediate
PowerShell Health-Check Pack for Active Directory, DNS, DHCP, and Certificate Expiration
Create a PowerShell health-check pack for Active Directory, DNS, DHCP, and certificate checks in a small Windows network.
LabsPowerShell and Admin AutomationReporting and AuditsIntermediate
PowerShell Toolkit for Rotating Local Admin Passwords and Auditing Privileged Access Drift
Create a PowerShell toolkit for rotating local administrator passwords and checking privileged access drift across Windows machines.
LabsSelf-Hosted Services and ProductivityDocs and File WorkflowsIntermediate
Self-Hosted Dashboard Homepage for Homelab Services
Create a self-hosted dashboard that provides live status tiles for your homelab services and quick access to maintenance links.
LabsNetwork and DNSLocal DNSIntermediate
Small Office DHCP and DNS Audit Toolkit with PowerShell
A practical toolkit for a DHCP and DNS audit toolkit using PowerShell. The toolkit will include scripts for checking lease conflicts and exporting the results for further analysis.