I'm kind of over windows time issues, so I found this little bad boy! This thing is great, rock solid time sync, no headaches.
http://www.timesynctool.com/
Friday, October 31, 2014
Friday, August 1, 2014
You move a mailbox from Exchange 2010 / 2013 to a new server or Office 365 and you can't get rid of a shared mailbox that is automapped.
So you move a shared mailbox from Exchange to either a new server or to Office 365. After, a user still sees a shared mailbox automapped to their profile due to the exchange automapping feature. You aren't able to map the moved mailbox to their profile.
An easy solution is to simply remove it from the attributes in Active Directory.
- Open Active Directory Users and Computers.
- Click the View menu and select Advanced Features.
- Open the user in question.
- Click on the Attribute editor tab.
- Scroll down to msExchDelegateListLink, open it.
- Remote the mailbox that is automapped.
An easy solution is to simply remove it from the attributes in Active Directory.
- Open Active Directory Users and Computers.
- Click the View menu and select Advanced Features.
- Open the user in question.
- Click on the Attribute editor tab.
- Scroll down to msExchDelegateListLink, open it.
- Remote the mailbox that is automapped.
Wednesday, July 2, 2014
How to set up an Ubuntu Secondary (Slave) DNS Server as a Secondary DNS Server to your Windows Active Directory Environment
Recently I had a client ask me to configure an Ubuntu server as a secondary DNS server to their AD environment to give a remote office local DNS. Here is how I did it-
sudo apt-get install bind9
cd /etc/bind
sudo nano named.conf.local
zone "domain.local" IN {
type slave;
file "/var/cache/bind/domain.local.db";
allow-transfer { 192.168.0.0/16; };
allow-notify { 192.168.2.97; };
check-names ignore;
masters { 192.168.2.97; };
};
zone "2.168.192.in-addr.arpa" IN {
type slave;
Restart Bind
sudo /etc/init.d/bind9 restart
sudo apt-get install bind9
cd /etc/bind
sudo nano named.conf.local
zone "domain.local" IN {
type slave;
file "/var/cache/bind/domain.local.db";
allow-transfer { 192.168.0.0/16; };
allow-notify { 192.168.2.97; };
check-names ignore;
masters { 192.168.2.97; };
};
zone "2.168.192.in-addr.arpa" IN {
type slave;
file "/var/cache/bind/2.168.192.db";
allow-transfer { 192.168.0.0/16; };
allow-notify { 192.168.2.97; };
masters { 192.168.2.97; };
};
(Note- Replace domain.local with your AD domain, replace the 192.168.0.0/16 with your internal IP subnet, replaced 192.168.2.97 with your internal DC that you want to transfer DNS from.)
sudo nano named.conf.options
allow-query { any; };
allow-recursion { any; };
forwarders {
8.8.8.8;
4.2.2.2;
};
On your AD server, go into DNS, right click on the internal DNZ zone, and add the IP of your Ubuntu box to the zone transfers tab. Do the same for the reverse zone.
Restart Bind
sudo /etc/init.d/bind9 restart
That's it!!!
Monday, May 26, 2014
How to move Public Folders from Exchange 2010 to Exchange 2013
This is my write up on moving public folders from 2010 to 2013.
From the Exchange 2010 server, run the following
Get-PublicFolder –Recurse | ConvertTo-CSV >C:\Exchange2010-PFStructure.csv
Get-PublicFolder -Recurse | Get-PublicFolderStatistics | ConvertTo-Csv >C:\Exchange2010-PFStatistics.csv
Get-PublicFolder -GetChildren | Get-PublicFolderClientPermission | Select-Object Identity,User -ExpandProperty AccessRights | ConvertTo-CSV >C:\Exchange2010-PFPermissions.csv
From the Exchange 2010 server, make sure PublicFoldersLockedForMigration and PublicFolderMigrationComplete is set to False
Get-OrganizationConfig | fl *Migration*
If this parameter is set to True , Run the below command to Change it to False
Set-OrganizationConfig -PublicFoldersLockedforMigration:$false -PublicFolderMigrationComplete:$false
From the Exchange 2013 server, make sure there is no PublicFolderMigrationRequest and PublicFolder Mailbox
Get-PublicFolderMigrationRequest
Get-Mailbox -PublicFolder
Copy the following files to from the Exchange 20130 Scripts folder (C:\Program Files\Microsoft\Exchange Server\V15\Scripts) to the Exchange 2010 Scripts Folder (C:\Program Files\Microsoft\Exchange Server\V14\Scripts)
Export-PublicFolderStatistics.strings
Export-PublicFolderStatistics
PublicFolderToMailboxMapGenerator.strings
PublicFolderToMailboxMapGenerator
On the Exchange 2010 server, open the Exchange Management Shell and navigate to C:\Program Files\Microsoft\Exchange Server\V14\Scripts, create the folder C:\PFMigration and run the following scripts-
.\PublicFolderToMailboxMapGenerator.ps1 -MailboxSize 5000000000 -ImportFile C:\PFMigration\Exchange2010-PFtoSize.csv -ExportFile C:\PFMigration\Exchange2010-PFtoMailbox.csv
Open file C:\PFMigration\Exchange2010-PFtoMailbox.csv with notepad, change the PF Mailbox name to one you wish (PFMailbox)
Copy the C:\PFMigration folder and the CSV from your Exchange 2010 Server to your Exchange 2013 Server.
On the Exchange 2013 Server, create your Public Folder Migration Request. If required you can add the parameters -AcceptLargeDataLoss –BadItemLimit
New-PublicFolderMigrationRequest -SourceDatabase (Get-PublicFolderDatabase –Server EXCH2010) -CSVData (Get-Content C:\PFMigration\Exchange2010-PFtoMailbox.csv -Encoding Byte)
Check the status of migration request.
Get-PublicFolderMigrationRequest | Get-PublicFolderMigrationRequestStatistics -IncludeRepor
When it fails, use this command to find out why-
Get-PublicFolderMigrationRequest | Get-PublicFolderMigrationRequestStatistics -IncludeReport | FL
You might see this, it means you have mail enabled folders that have a space in the alias field or a space before or after the alias. Go to the public folder manager, go to the peoperties of the mail enabled public folder listed and change the alias to have no spaces.
"Error: Property expression "B list" isn't valid. Valid values are: Strings formed
with characters from A to Z (uppercase or lowercase), digits from 0 to 9, !, #, $,
%, &, ', *, +, -, /, =, ?, ^, _, `, {, |, } or ~. One or more periods may be
embedded in an alias, but each period should be preceded and followed by at least
one of the other characters. Unicode characters from U+00A1 to U+00FF are also
valid in an alias, but they will be mapped to a best-fit US-ASCII string in the
e-mail address, which is generated from such an alias."
Once you fixed this, resume the migration-
Get-PublicFolderMigrationRequest | Resume-PubliFolderMigrat
If you forgot to set the baditemlimit or set it too small, you can change it with this command.
Set-PublicFolderMigrationRequest -Identity \PublicFolderMigration -baditemlimit 200
Get-PublicFolderMigrationRequest | Resume-PubliFolderMigrat
Once the PublicFolderMigrationRequest shows autosuspended, on the Exchange 2010 server set PublicFoldersLockedForMigration to True. This may take a couple of hours.
Set-OrganizationConfig -PublicFoldersLockedForMigration:$true
On the Exchange 2013 server, complete the migration.
Get-PublicFolderMigrationRequest -Identity \PublicFolderMigration | Set-PublicFolderMigrationRequest -PreventCompletion:$false
Get-PublicFolderMigrationRequest -Identity \PublicFolderMigration | Resume-PublicFolderMigrationRequest
From the Exchange 2010 server, run the following
Get-PublicFolder –Recurse | ConvertTo-CSV >C:\Exchange2010-PFStructure.csv
Get-PublicFolder -Recurse | Get-PublicFolderStatistics | ConvertTo-Csv >C:\Exchange2010-PFStatistics.csv
Get-PublicFolder -GetChildren | Get-PublicFolderClientPermission | Select-Object Identity,User -ExpandProperty AccessRights | ConvertTo-CSV >C:\Exchange2010-PFPermissions.csv
From the Exchange 2010 server, make sure PublicFoldersLockedForMigration and PublicFolderMigrationComplete is set to False
Get-OrganizationConfig | fl *Migration*
If this parameter is set to True , Run the below command to Change it to False
Set-OrganizationConfig -PublicFoldersLockedforMigration:$false -PublicFolderMigrationComplete:$false
From the Exchange 2013 server, make sure there is no PublicFolderMigrationRequest and PublicFolder Mailbox
Get-PublicFolderMigrationRequest
Get-Mailbox -PublicFolder
Copy the following files to from the Exchange 20130 Scripts folder (C:\Program Files\Microsoft\Exchange Server\V15\Scripts) to the Exchange 2010 Scripts Folder (C:\Program Files\Microsoft\Exchange Server\V14\Scripts)
Export-PublicFolderStatistics.strings
Export-PublicFolderStatistics
PublicFolderToMailboxMapGenerator.strings
PublicFolderToMailboxMapGenerator
On the Exchange 2010 server, open the Exchange Management Shell and navigate to C:\Program Files\Microsoft\Exchange Server\V14\Scripts, create the folder C:\PFMigration and run the following scripts-
.\PublicFolderToMailboxMapGenerator.ps1 -MailboxSize 5000000000 -ImportFile C:\PFMigration\Exchange2010-PFtoSize.csv -ExportFile C:\PFMigration\Exchange2010-PFtoMailbox.csv
Open file C:\PFMigration\Exchange2010-PFtoMailbox.csv with notepad, change the PF Mailbox name to one you wish (PFMailbox)
Copy the C:\PFMigration folder and the CSV from your Exchange 2010 Server to your Exchange 2013 Server.
On the Exchange 2013 Server, create your Public Folder Migration Request. If required you can add the parameters -AcceptLargeDataLoss –BadItemLimit
New-PublicFolderMigrationRequest -SourceDatabase (Get-PublicFolderDatabase –Server EXCH2010) -CSVData (Get-Content C:\PFMigration\Exchange2010-PFtoMailbox.csv -Encoding Byte)
Check the status of migration request.
Get-PublicFolderMigrationRequest | Get-PublicFolderMigrationRequestStatistics -IncludeRepor
When it fails, use this command to find out why-
Get-PublicFolderMigrationRequest | Get-PublicFolderMigrationRequestStatistics -IncludeReport | FL
You might see this, it means you have mail enabled folders that have a space in the alias field or a space before or after the alias. Go to the public folder manager, go to the peoperties of the mail enabled public folder listed and change the alias to have no spaces.
"Error: Property expression "B list" isn't valid. Valid values are: Strings formed
with characters from A to Z (uppercase or lowercase), digits from 0 to 9, !, #, $,
%, &, ', *, +, -, /, =, ?, ^, _, `, {, |, } or ~. One or more periods may be
embedded in an alias, but each period should be preceded and followed by at least
one of the other characters. Unicode characters from U+00A1 to U+00FF are also
valid in an alias, but they will be mapped to a best-fit US-ASCII string in the
e-mail address, which is generated from such an alias."
Once you fixed this, resume the migration-
Get-PublicFolderMigrationRequest | Resume-PubliFolderMigrat
If you forgot to set the baditemlimit or set it too small, you can change it with this command.
Set-PublicFolderMigrationRequest -Identity \PublicFolderMigration -baditemlimit 200
Get-PublicFolderMigrationRequest | Resume-PubliFolderMigrat
Set-OrganizationConfig -PublicFoldersLockedForMigration:$true
On the Exchange 2013 server, complete the migration.
Get-PublicFolderMigrationRequest -Identity \PublicFolderMigration | Set-PublicFolderMigrationRequest -PreventCompletion:$false
Get-PublicFolderMigrationRequest -Identity \PublicFolderMigration | Resume-PublicFolderMigrationRequest
Now Verify PublicFolderMigrationRequest is 100 Percent Complete
Get-PublicFolderMigrationRequest | Get-PublicFolderMigrationRequestStatistics
Get-PublicFolder –Recurse
Log on to OWA, right Click on Favorites, click Add Public Folder and verify you are able to access the migrated Data
Wednesday, April 9, 2014
Heartbleed
What is Heartbleed?
Heart is a serious vulnerability discovered in OpenSSL (a
cryptographic software library used by most devices to implement SSL and TLS
code).
What does it do?
The Heartbleed bug exposes up to 64k memory of the server it
is running on allowing an attacker to read the memory of the system. This enables anyone on the Internet to find
things like private keys, passwords, bank account information, etc.
Where did it come from?
Heartbleed was introduced by a new feature added to TLS
called the Heartbeat Extension which adds the capability to keep TLS
connections alive without continuous data transfer.
What servers does this affect?
Mostly Apache servers, or any other devices that use OpenSSL
libraries versions 1.01 and 1.0.2-beta.
Does it affect Windows Servers?
It does not affect Microsoft’s IIS (Internet Information
Services) or Exchange Server. It would
affect apache on windows using OpenSSL.
How do I know if a server is affected?
Test it! http://filippo.io/Heartbleed/
If I have an affected server, what do I do about it?
Patch it, version 1.0.1g resolves the issue. You should also re-key your SSL certificate.
Saturday, March 29, 2014
You attempt to copy a file via FTP to your Cisco ASA and receive the error "(No more processes)"
You attempt to copy a file via FTP to your Cisco ASA and receive the error "(No more processes)". This cryptic error COULD just mean 'file not found', when the file name isn't present this error is returned. Not sure why Cisco couldn't tell you this, but this is the message you would receive.
Thursday, March 27, 2014
Allow users to change their expired passwords via OWA.
One common scenario is that user's passwords expire when they are out of town or remote, and they are unable to change their password. Starting with Exchange 2007 Service Pack 3 (and 2010/2013), users have the ability to change their expired password via OWA if you set a registry key to turn this functionality on.
- On your Exchange CAS server, open regedit and navigate
to HLKM\SYSTEM\CurrentControlSet\Services\MSExchange OWA
- Create a DWORD value called ChangeExpiredPasswordEnabled, and set the value data to 1. If it already exists, simply change the value data to 1.
- Close regedit, open the command prompt and type 'iisreset /noforce' to restart IIS.
- On your Exchange CAS server, open regedit and navigate
to HLKM\SYSTEM\CurrentControlSet\Services\MSExchange OWA
- Create a DWORD value called ChangeExpiredPasswordEnabled, and set the value data to 1. If it already exists, simply change the value data to 1.
- Close regedit, open the command prompt and type 'iisreset /noforce' to restart IIS.
Subscribe to:
Posts (Atom)