Every admin has made an error while creating a group policy and blew up an important machine. Murphy’s law states that you will then be unable to get the policy to repeal itself on the machine. Well this handy little tip will save the day. delete the following file while you are logged in a […]
Can’t Use apt-get i.e. /boot is 100% full NOTE: this is only if you can’t use apt to clean up due to a 100% full /boot 1. Get the list of kernel images Get the list of kernel images and determine what you can do without. This command will show installed kernels except the currently […]
The 2960G is a great gig switch that is being pulled from corporations and flooding the grey market. The switch is great for home lab use etc. Most people do not know that if you are running a later version of IOS on it it will also do layer 3 routing! this is how you […]
if you spend any time working on networks you are going to come across the need to identify a device connected to a port on a switch. I use primarily cisco equipment and finding the IPs can be quite a pain in the neck if you are searching the mac on the interface then looking […]
On newer generation computers you may have noticed that the windows key sticker is no longer on the bottom or side of the unit. This can make for some frustration when trying to do a clean rebuild. Well chances are the key is stored int he BIOS of the machine and if you are in […]
If you work with Cisco gear then you need to keep your code updated to stay ahead of security pugs with IOS etc. I always forget a command or 2 so I figured I would write it down for myself as well as others. I am going to go over tftp updating using cli as […]
HOWTO: Configure Windows DHCP for Nortel IP telephones In this example we will configure Windows DHCP for Nortel IP telephones. In addition to your standard Option 003 Router you will also need a custom scope option in order for an Nortel IP phone to boot properly using DHCP. 1. Open the DHCP MMC under Control Panel>Administrative Tools>DHCP […]
As many have heard over the past year older versions of SSL have been compromised and should no longer be used by servers to negotiate communications. however disabling these deprecated SSL versions can be a bit of a headache. I would strongly suggest anyone with public facing servers test them to be safe. I personally […]
This applies for Exchange 2010 as well as Exchange 2013. I just tested this out on both and they both work. Essentially we had a problem, users were not smart enough to go to https://owa.domain.com or https://mail.domain.com/owa (Mostly the HTTPS:// part). With this, users can go to “owa.domain.com” or “mail.domain.com/owa” and it will automatically forward […]
How to Disable Driver Signature Verification on 64-Bit Windows 8.1 or 10 (So That You Can Install Unsigned Drivers) 64-Bit editions of Windows require digitally signed drivers. The problem is that many devices ship with unsigned drivers. Today, we’ll show you how to install them regardless. Digitally signed drivers include an electronic fingerprint that indicates […]
Windows 10 has hit and it is a fast stable operating system. however MS has given us some features that we should be disabling immediately. For example windows updates delivery optimization uses your computer to send windows updates to other folks on the internet. You can disable it by knowing where to go to disable […]
I came across this startling info on a blog and had to share the original information is located at http://lauren.vortex.com/archive/001116.html most importantly it not only tells you about the issue but also tells you how to correct it! very good info Lauren Weinstein! A couple of days ago I discussed a number of privacy and other […]
Every network admin has had to remove a print server from their environment and set up a new one. While installing a print server can be tedious job. the worst part for me has always been updating the installed printers on all of my clients. well with this little vbscript it is no problem at […]
Great info from tech republic – never even knew about this neat little trick! Control panel settings and configurations are typically scattered all over in Windows 8, unless you know about god mode. For the record, I like Microsoft Windows 8. However, just like any operating system, it is not perfect – there are always annoyances. […]
Recently I needed to disable proxy settings on windows machines in a network. I was trying to remove an old proxy based web content filter (eeewww). I know it is only a few clicks but I am all about not using the sneaker net if i can avoid it. Plus it is always nice to […]
I am sure you have installed a GBIC in a Cisco switch that was not manufactured by Cisco. and your switch no doubt shut down the SFP port and gave the following error %PHY-4-UNSUPPORTED_TRANSCEIVER: Unsupported transceiver found in Gi1/0/0 %GBIC_SECURITY_CRYPT-4-VN_DATA_CRC_ERROR: GBIC in port 65538 has bad crc well here is how we fix that […]
I have had many people ask me about commands on switches and I was going to make a cheat sheet but Erik Rodriguez did such a nice job I am going to share his work Great job Erik Cisco IOS Cheat Sheet By Erik Rodriguez These commands are used on all Cisco devices running the […]
Most domain admins these days are following the very smart practice of using a normal user account for their day to day work and another for their domain admin tasks. Usually it is the same username with da at the end, beginning or something similar. The trouble comes in when a admin wants to use […]
I have run into several SB installs with very high memory utilization issues lately. I started poking around and noticed it was MS SQL chewing up all the memory. I thought this was odd so I hit good old google and sure enough it is a very common issue for WSUS to go a bit […]
As most everyone has heard SSL 2.0 has been compromised. Most PCI certification authorities are requiring SSL 2.0 to be disabled. I am sure with poodle SSL 3.0 is not far behind but that is for another article. I have written the following batch file to make all the needed changes and save some legwork. […]
These are notes I’ve compiled after many years of supporting Northern Telecom/Nortel Networks SL1, Meridian 1 and NCS 1000 phone systems. While graphical tools exist, many times it’s easier to connect via serial terminal or a telnet session and use the command line for common tasks. ADD AN AREA CODE > LD 90 REQ NEW […]
Many times I came across one issue… how to grant access to CLI (Command Line Interface) on Cisco devices without creating separate username and password for each user on each device? In order to resolve that I did use AAA features of Cisco IOS and built-in Windows Server 2008 R2 component – NPS (Network Policy […]
Many windows admins these days are very busy upgrading/replacing windows XP. I am not going to go into how very important to remove windows XP machines from our environments since it is now EOL and no patches will be released any longer. What I am going to show you is how to find all those […]
We just recently begun building an Exchange 2013 DAG to support out email environment. This is part of an internal shift to Lync 2013 and Exchange 2013 for unified communications. We followed Microsoft instructions on building my first 2013 machine, migrated a single test mailbox and started testing. We found no mail flow between […]
VMWare Converter uses a protocol called NFC for the cloning process. To increase security, encryption was introduced with Converter 5.0 for the data transfer. Unfortunately this comes at the expense of performance. If you do not need this security feature, it is possible to improve the speed and performance of your conversions dramatically. To achieve […]
If you have a career in technology then you know how important certifications are to obtain a good position. I have been taking exams for quite some time and along the way I have found that practice exams are the best way to prepare. You can enroll in boot camps and they are great however […]
I have been pulling my hair out for a couple days trying to figure to get the EFA spam filter tagged messages to automatically go to my exchange outlook users junk mail folders. I finally figured it out and I would like to share it. First what are we trying to accomplish with this. the […]
That’s right, you can pull all of your email users into E.F.A. and authenticate against AD (probably any LDAP server)! I plan on making this a configuration option in a later release of E.F.A. For now, follow these steps. 1) Create a user and password (proxy service account) in AD to allow username lookups 2) […]
EFA Project works great out of the box. However I did run across one issue. By default it only scans messages that are 200k and smaller. This worked great in the past when bandwidth was expensive and spammers were using plain text. however these days they are sending pictures to get by spam filters etc. […]
If you are like me spam and virus filtering for email servers is a very costly and time consuming task. There are many great retail solutions that do a excellent job of filtering. But they are costly and generally licensed on a per mailbox basis. Some would say that most newer mail servers such as […]
Exchange 2013 451 4.7.0 Temporary server error. Please try again later. PRX5 In Exchange 2013 RTM and Exchange 2013 CU1 you may occasionally receive the following errors in your Outlook clients as seen below. <strong>451 4.7.0 Temporary server error. Please try again later. PRX5</strong> And in the connectivity logs you may see NS server […]
I have run into the max message size limit alot lately especially in sbs 2011 installs. most people need the limit increased to at least 20 meg. you can follow this documentation to do so. this can also be done with the gui however the exchange powershell makes these changes much faster. Size limits […]
The issue and solution described here is by design, but not known by every customer so here’s my short write-up on this subject. Recently, I was at a customer reporting issues with several users not being able to synchronize their mobile devices using ActiveSync. The customer was running Exchange 2013 SP1 and used various […]
Hi Windows Lovers!? (Looking to install Windows Server? The same steps apply, but for a server specific guide, go here Create a bootable Windows Server 2012 R2 installation USB flash drive) This time I’ll help you find a way to install Windows 8.1 quick and easy, from a simple USB flash drive. It’s a piece of […]
Show Exchange Message Size Limits in SBS 2008/2011 It seems like every month I get a call about someone not being able to send or receive an email due to size limits. If you know where all the limits are in the Exchange Management Console (and if you’re aware of the 30% bloating that happens […]
You get “Iashlpr initialization failed” error after installing DHCP on Windows 2008R2 After installing DHCP server on windows 2008 R2, you notice that your system event log will be filled with Errors Event ID: 1070 “Iashlpr initialization failed: The DHCP service was unable to access path specified for the audit log. So DHCP server cannot […]
Enable Remote Management You may receive the following, somewhat misleading, error panel when attempting to remotely manage a Core machine. The panel correctly tells you that you have to enable the windows firewall rules. It tells you the wrong rule sets when the machine you are trying to manage is a server 2012 instance, probably […]
Activating Server Core Depending on the output of the command you entered to check the status you can activate your Server Core installation in a couple of ways: Activating with a pre-entered product key When you entered a product key when you installed Windows Server 2008 but didn’t select the option to activate automatically you […]
With working on my MCSE for server 2012 I needed to learn how to use windows server 2012 core. unfortunately configuring basic settings from the power shell is a whole lot different than the gui. You can configure everything and then uninstall the GUI but that is not really the correct way to do it. […]
Upon deploying my first windows 2012 r2 essentials box with anywhere access enabled. I was surprised that I could only access the servers dashboard remotely. That is obviously a problem for working on the server remotely. Oddly enough it is not a very well known fix to change it. First thing log in to the […]
new wireless lan controller keeps failing rdius authentication with errors like this RADIUS server 10.x.x.x:1645 deactivated in global list RADIUS server 10.x.x.x:1645 failed to respond to request (ID 65) for client 00:0b:6b:87:54:d2 /user ‘unknown’ the problem is 2 fold the cisco wireless lan controller radius configuration defaults to a time out of 2 seconds. you […]
Tutorial: 802.1X Authentication via WiFi – Active Directory Network Policy Server Cisco WLAN Group Policy Here is how to implement 802.1X authentication in a Windows Server 2008 R2 domain environment using Protected-EAP authentication. I have designed the tutorial to be worked on in the specific order to prevent downtime if deployed during the day. By […]
Issue “Please insert overwritable media into the robotic library using the import command is displayed and the job status Queued during a backup job and overwritable media is available in the library and media sets. Error Alert:: Please insert overwritable media into the robotic library using the import command Cause Even after Basic troubleshooting […]
Had a puzzler last week. Client called up to say one of his contacts couldn’t email him. It was being rejected. Message Rejections will be a common problem for many people, and the best thing to do is get a copy of the rejection message or what i call NDR (Non Delivery Receipt (or Report) […]
If you need to export a list of user mailboxes (because your boss is making you or you simply have nothing better to do), it is quite an easy task if you have Exchange 2007 and up because of PowerShell snapins. You can just fire up PowerShell and import the Exchange 2010 Module. Add-PSSnapin Microsoft.Exchange.Management.PowerShell.E2010 Then: […]
Iperf is a neat little tool with the simple goal of helping administrators measure the performance of their network. Worthy of mention is the fact that it can measure both TCP and UDP performance on a network. Iperf is cross platform software and open source. You can download Iperf.exe from: Iperf.exe Linhost.info or Iperf.exe Ucf.edu We will […]
HOWTO: Configure Windows DHCP for Avaya IP telephones In this example we will configure Windows DHCP for Avaya IP telephones. In addition to your standard Option 003 Router you will also need a custom scope option in order for an Avaya IP phone to boot properly using DHCP. While I do reference the IP Office […]
Steps to take if your web application does not support the new Internet Explorer version 10. Find the recommended browser for your particular web application, by searching the KnowledgeBase for “recommended browser” for your application. You can test if Internet Explorer 10 will work by clicking the Compatibility View icon on the IE address […]
I was an early adopter of windows 8. And I do admit it is a very fast stable OS but MS really blundered in my opinion when it took away windows basic functionality we have used for the past 25 years. Yup I mean the trusty start button! I can understand getting away from that older technology […]
I have quite a few things going on at work at the moment. We are retiring an old Windows 2003 domain controller and bringing in a fresh new Server 2008 R2 DC as its replacement. This old server had many things on it which needed to be migrated off. Microsoft Certificate Authority was one of […]
As many folk have probably run into the domain admin from time to time is asked to obtain emails etc. from users mailboxes for whatever reason. You could reset the users password and login that way but what if you do not want to do that? well you can give a user access to all […]
There may come a time when you want to move a SharePoint content database from one disk on your SQL Server to another. Perhaps you installed SharePoint in standalone mode and don’t like the location it chose or you just need to move some stuff around. The following assumes you are moving the database from one disk […]
I am sure many of you have tried to open a document that has been emailed to you only to have word give you the ambiguous nondescript error about not being able to open the document. well here is how to get rid of it. BTW it is also easily remedied via group policy which is how […]
With the release of Windows Server 2008 and IIS 7, Microsoft has included PHP5 FASTCGI support. ISAPI is still faster in my opinion, and if used correctly, very stable. PHP uses a 32-bit DLL so it will not work with an x64 system. There are several ports of PHP to x64, but all have proved […]
I was cleaning up orphaned roaming profiles on one of my citrix boxes and ran across a profile I could not delete. in the past a quick reboot of the server solved the issue but not this time. every time I tried to delete the folder I got the “unable to delete directory: Access denied” […]
If you are administering a large domain I am sure you have the headache of trying to keep user accounts current. people come and people go and the network admin is usually the last person any one tells. Unfortunately that leaves a serious security vulnerability for you to deal with. possible high level accounts just hanging out in limbo. […]
10. Run Automatic Maintenance on a Schedule Windows 8 has a new feature that runs automatic maintenance tasks like software updates, security scanning, and other diagnostic tests daily. By default, it runs them at 3AM, of if you’re using your computer, the next time your computer becomes idle. You can change this time in the […]
Windows 8 is provoking a Marmite-like reaction among users, but that doesn’t mean you’ll fall directly into the love or hate camps. It’s more likely you’ll find certain new features useful and others unnecessary. If you’re pining for features no longer present, this article is for you.In this how-to guide, I’ll reveal how to water […]
Ok so you took the plunge and are running some version of VMware. Now you want to squeeze every bit of performance out of your hardware possible. In a previous post we went over changing your scsi controller to a para virtual adaptor fit hat is optimized for vm performance. Next up your network adaptor! […]
Why would I want to do this? well para virtual scsi controllers do not require as much system resources from the host to run and therefore give you better performance. woohoo how do we do this? http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1002149 1. While the VM is running, add a new disk with SCSI ID 1:0 (or 2:0 if 1:x already exists) […]
If you are using a tape library with Symantec Backup Exec you have probably been annoyed hen you went to the library to remove a tape to see the library is locked message. I know it has caused me to use a couple not so work friendly words. Well here is a easy way to […]
Well everyone has shelled out their hard earned cash on a antivirus product at some time or another. Well no need to do that any longer there are many free options out there these days avg for instance http://free.avg.com/us-en/homepage and MS security essentials http://windows.microsoft.com/en-US/windows/products/security-essentials I personally use and recommend MS security essentials for simple reasoning. MS makes […]
So you have exchange server and a webserver on your network with only one server. So what do y0u to get the folks that forget to put the https on the beginning of your webmail url to the right spot. If you had multiple ips it would be easy just redirecting all ssl traffic to a […]
Most drivers these days are signed by manufacturers for security reasons as well as monetary for MS but that’s another discussion all together. But if you are like me and need to use legacy or obscure hardware than windows 8 poses a particular issue out of the box. I personally use a USB to serial adaptor for […]
An often asked question is how to reclaim space after a service pack installation. We’ve talked about VSP1CLN and COMPCLN for Windows Vista and 2008. Now that SP1 is out, it’s time to talk about how to do this on Win7/R2. It’s a DISM command now: DISM.exe /Image:C:\test\offline /Cleanup-Image /spsuperseded /hidesp NOTE: This command is […]
If you are using a tape library with Symantec Backup Exec you have probably been annoyed hen you went to the library to remove a tape to see the library is locked message. I know it has caused me to use a couple not so work friendly words. Well here is a easy way to stop that extra step from needing to be made.
How to change Backup Exec’s robotic library locking behavior
By default, Backup Exec media servers will lock robotic libraries when running backup jobs or when a “Lock” job is run. The robotic library is automatically unlocked as part of import/export job operations or when an “Unlock” job is run.
In some cases, it may be desirable to prevent the robotic library from being locked by the Backup Exec media servers, typically in a SAN environment. Such examples are:
•In situations where the robotic library is in a secure room, but separated from the Backup Exec media servers by some distance.
•In situations where the robotic library uses a different locking strategy in its firmware than Backup Exec desires, such that an “Unlock” job is required from ALL the media servers before an import or export can be executed. These type of robotic libraries have footnotes on the BE HCL that state “In a shared storage option (SSO) environment, ALL Backup Exec servers are required to run an UNLOCK job prior to running an import job or export job or opening the mail slot.”
There is a registry key that can be used to prevent a Backup Exec media server from EVER issuing a lock command, including when executing a “Lock” job. A Backup Exec “Lock” job will complete successfully, even though it has not locked the robotic library, since the locking command was never sent to the robotic library. This registry key affects ALL the robotic libraries used by that Backup Exec server. This registry key cannot be used to change the behavior of only one robotic library if multiple robotic libraries are on the SAN.
When this registry key is used, the administrator must be aware that opening the robotic library door or using the robotic library portal to change media without Backup Exec’s knowledge or control is not advised. If media is changed without using an import/export job, an inventory job of the affected slots should be executed to update the Backup Exec media database.
•If it is desired that the robotic library should NEVER be locked, then this registry key should be changed on ALL the Backup Exec media servers using that robotic library. The Backup Exec administrator must realize that this has security implications that should be considered.
•If it is desired that the robotic library locking control be designated to one “preferred” Backup Exec media server, then the registry key should be set to “1” on all the BE media servers using that robotic library, except for that one “preferred” server. That “preferred” server then has exclusive control over locking the robotic library and should be the only BE media server used for import & export operations.
Run “unlock” jobs from ALL BE servers to unlock the library. If this unlock step is skipped (or not possible) the library will be in a locked state and BE will be unable to unlock it after the registry change. The workaround in that case is to power-cycle the library.
Warning: Incorrect use of the Windows registry editor may prevent the operating system from functioning properly. Great care should be taken when making changes to a Windows registry. Registry modifications should only be carried-out by persons experienced in the use of the registry editor application. It is recommended that a complete backup of the registry and workstation be made prior to making any registry changes.
Add the following value to the registry:
HKLM\software\Symantec\Backup Exec for Windows\Adamm\Disable Library Door Lock=1 to prevent locking
Note: The Backup Exec services must be restarted before the robotic library will be left in an unlocked state.
Well everyone has shelled out their hard earned cash on a antivirus product at some time or another. Well no need to do that any longer there are many free options out there these days
avg for instance http://free.avg.com/us-en/homepage
and MS security essentials http://windows.microsoft.com/en-US/windows/products/security-essentials
I personally use and recommend MS security essentials for simple reasoning. MS makes it so there is a much slimmer chance of problems between os and antivirus as well as windows performance degradation due to Anti-virus activities. If you have ever worked or used a machine running the full Symantec or mcafee security suites you know what a performance hit a machine can take from such products. and you get the added bunus of paying 50 dollars or so a year to have your machine take said performance hit.
So you have exchange server and a webserver on your network with only one server. So what do y0u to get the folks that forget to put the https on the beginning of your webmail url to the right spot. If you had multiple ips it would be easy just redirecting all ssl traffic to a single ip and http to the other but allas that is not going to work in this circumstance. So what do you do? the answer a custom error redirect for the specific url. here is a link to MS article to do it.
Enabling and enforcing SSL causes users to manually type the https:// portion or they get a 403;4 error page stating SSL is required. Additionally, users must manually add /exchange to the end of the website in order to connect to OWA.
How do I enable SSL and Form-based authentication?
How can I automatically redirect requests from the http:// site to the https:// site?
How can I automatically redirect the default website to the /exchange virtual directory?
The first step to configuring the server is to first obtain a certificate (create your own, or purchase one from a 3rd party such as Verisign or Thawte) and assign that certificate to the server. This is performed on the Default Web Site properties, under the Directory Security Tab. Once the certificate has been added, no additional configuration is needed on the Default Web Site. SSL does not need to be enabled. The following steps detail how to enable SSL, forms-based authentication and redirect the websites.
1. On the properties of the Exchange Virtual Directory, go to the same Directory Security tab and under the Secure Communications area, click on Edit. Choose Require Secure Channel (SSL) and check the box next to require 128-bit encryption. Follow the same steps for the Public Virtual Directory.
*Note: If you have additional content on the default web site of your Exchange server and/or host other websites, be aware that after completing this step, requests to the default website will result in automatic redirection to the /exchange virtual directory. Make sure that you understand the impact of this change.
4. On the properties of your Default Web Site, go to the Documents Tab. Add redirect.htm to the list of documents, and move it to the top of the list. This ensures that the server checks for the redirect.htm file first and if it finds it, it will execute it.
Most drivers these days are signed by manufacturers for security reasons as well as monetary for MS but that’s another discussion all together. But if you are like me and need to use legacy or obscure hardware than windows 8 poses a particular issue out of the box. I personally use a USB to serial adaptor for configuring switches and other equipment from my laptop. So anyways after a little searching I found the answer. without further delay here is how you can enable installation of unsigned drivers in windows 8.
The steps to install a unsigned driver on windows 8 is as follows.
1. From windows 8 control panel choose General –> Under “Advanced Startup” –> Restart now.
Now the system will restart and might take some minutes to show up the boot menu. Wait for It patiently.
After some time you will be prompted with a menu with following options.
3. Turn off
Then the following menu appears.
Refresh your PC
Reset your PC
Choose Advanced Options
Then the following menu appears
System Image Recovery
Windows Startup settings
Choose Windows Startup Settings, then Click Restart.
Now the computer will restart and the boot menu appears. Choose “Disable Driver signature Enforcement” from the menu. Now windows will start and you can do the installation of the driver that is not signed
An often asked question is how to reclaim space after a service pack installation. We’ve talked about VSP1CLN and COMPCLN for Windows Vista and 2008. Now that SP1 is out, it’s time to talk about how to do this on Win7/R2. It’s a DISM command now:
DISM.exe /Image:C:\test\offline /Cleanup-Image /spsuperseded /hidesp
NOTE: This command is from the help file and might not be the command you need. For example, if you’re running against an online installation, the command is dism /online /cleanup-image /spsuperseded
You can also use the disk clean up wizard to remove the service pack files.
Of course, either of these will make the service pack permanent which means that you cannot uninstall it from the system once you do this.