Search your entire LAN for a PST or for users saving data to their local computers!

Came across this on an Internet forum I am on.

Ever want to search your entire Lan for PSTs?  Or to see if users are storing files on their local computers?

LAN Search Pro is a FREE network search utility that will scan your entire network for certain file types!

http://www.softperfect.com/products/lspro/

Exchange 2013- Blank ECP / OWA screen, event ID 15021 HttpEvent in system event log.

You have an exchange 2013, after some unknown event nobody can get to OWA or ECP (or any other IIS based resource including outlook.)  Instead, users get a login screen then a blank page.  In the system event log, you see hundreds of id 15021 on the source HttpEvent that say “An error occurred while using SSL configuration for endpoint 0.0.0.0:444.  The error status code is contained within the returned data.” 

-          Open the Command Prompt

-          Run-

netsh http show sslcert

-          This will show the certs, copy and paste this information into notepad.  Under     IP:port   : 127.0.0.1:443, note the certificate hash and application ID.

-          Run this command-  (Yes, I know there is no :444 listed in the output from the earlier command.)

netsh http delete sslcert ipport=0.0.0.0:444

-          Run this command.  Replace certhas with the certificate hash and appid with the application ID you saved in notepad.

netsh http add sslcert ipport=0.0.0.0:444 certhash=123123123123123 appid="{123123123123-1231231235}"

-          Reboot the server.

Looking for an easier way to audit (Track or Report) windows logon / logouts?

This comes up a lot, that internal admins or management wants the ability to track user's logons, only auditing is to complex to navigate.

The traditional way is to enable event log auditing of logons.  In order to accomplish this, your domain will need to be configured to audit logon events.  To do this, you'd create a GPO and set "Audit account logon events" to both success and failure.  This is done under "Computer Configuration\Windows Settings\Security Settings\Local Policies\Audit Policy."  Once this is configured, you can utilize the tool ADAudit+ to generate reports based on this information.  http://www.manageengine.com/products/active-directory-audit/user-logon-audit-reports.html#workstation.

Another simple approach can be done via login scripts.
 - Create a shared folder on the network. Everyone should have full access to this share.  In my example, I'll use "access"
 - In that folder, create a folder called User and a folder called Computer (just whichever one you want to use).
 - Create a Login.bat batch file-
          Name- Login.bat
          Option 1 -          
          rem The following line creates a rolling log file of usage by workstation
          echo Log In %Date% %TIME% %USERNAME% >>                        
          \\server\access\computer\%COMPUTERNAME%.log
         
          Option 2 -          
          rem The following line creates a rolling log file of usage by user
          echo Log In %Date% %TIME% %COMPUTERNAME% >> \\server\access\user\%USERNAME%.log
 - Create a Logout.bat batch file-
          Name- Logout.bat
          Option 1 -  
          rem The following line creates a rolling log file of usage by workstation
          echo Log Off %Date% %TIME% %USERNAME% >> \\server\access\computer\%COMPUTERNAME%.log

          Option 2 -
          rem The following line creates a rolling log file of usage by user
          echo Log Off %Date% %TIME% %COMPUTERNAME% >> \\server\logs\user\%USERNAME%.log
 - Put these files in the Access shared folder.
 - Create a GPO, Under "User Configuration\Windows Settings\Scripts", add login.bat to the Logon Scripts box and logout.bat to the Logout Scripts box.

Using cleanmgr.exe (Disk Cleanup) to cleanup old service packs and system files in Windows Server 2008 R2

Windows  7 and Windows 2008 R2 include a cool feature as part of the disk cleanup wizard that allows you to remove old service pack backup files to free up space on your C: drive / partition.  Unfortunately it means installing the Desktop Experience which, besides having a bunch of crap you don't need, requires a reboot.

There is another (and better) way!

Simply copy cleanmgr.exe to C:\Windows\System32. from-
C:\Windows\winsxs\amd64_microsoft-windows-cleanmgr_31bf3856ad364e35_6.1.7600.16385_none_c9392808773cd7da\cleanmgr.exe

and copy cleanmgr.exe.mui to C:\Windows\System32\en-US.
C:\Windows\winsxs\amd64_microsoft-windows-cleanmgr.resources_31bf3856ad364e35_6.1.7600.16385_en-us_b9cb6194b257cc63\cleanmgr.exe.mui

(You can also just go into C:\windows\winsxs and search for those two files.)

Now you can simply run cleanmgr.exe (you may need to navigate to it and run as administrator if you have UAC turned on) and select "Service Pack Backup Files".

How to upgrade an ASA OS remotely using FTP.

Sometimes I'm required to upgrade a Cisco ASA's OS remotely.  Most Cisco admins are familiar with upgrading the OS using TFTP.  Because TFTP uses UDP, remotely sending the OS via TFTP is not a good idea.  (I'd tell you a joke about UDP, but you might not get it.)

To upgrade via FTP-
I use a FileZilla active mode FTP server.  So first, disable passive mode.

configure terminal
no ftp mode passive

Then, use this copy command-
copy ftp://<Username>:<Password>@<IP Address>/asa825-k8.bin disk0:/asa825-k8.bin

So in my case- (using a fake invalid IP)
copy ftp://cisco:Passw0rd@107.12.631.147/asa825-k8.bin disk0:/asa825-k8.bin

Next you're going to want to check the checksum.  If you go to cisco.com, support, and find your product's software downloads, you can see the checksum by hovering over the file.

Use the command-
verify /md5 disk0:/asa825-k8.bin 97951eea5b35e0544ca9242e6818b39f

Once the checksum is verified, simply change your boot command-
boot system disk0:/asa825-k8.bin
..and remove any old boot system commands.

Use your ipad as a second monitor!

This is great for road warriors who are already carrying a laptop and an iPad.

Need a 2nd monitor that's light and easy? You can leverage your iPad as a 2nd monitor for your computer in Extended Desktop mode!

AirDisplay from Avatron.

http://www.avatron.com/apps/air-display/

Installs a tool on your PC/Mac, and an app on IOS.  Cost is $10. Works over WIFI. Pretty slick.

Why is my NIC labeled "Local Area Connection 2" or why am I getting the message "IP address you have entered for this network adapter is already assigned to another adapter"?

Say you notice that your network adapter is labeled "Local Area Connection 2" or you get a message that says "The IP address you have entered for this network adapter is already assigned to another adapter" when attempting to assign a static IP address.

This happens because you have a previous 'removed' network adapter that hasn't been removed in Windows.  This may be a little confusing, especially on virtualized machines.  Each NIC has a unique MAC address, so whenever a new one is installed a new adapter is created in Windows.  Removing the old ones is actually pretty simple.

 - Go to your Command Prompt.  (In 2008 and above, you need to right click on the command prompt icon and run as administrator)

 - From the command prompe, type
SET DEVMGR_SHOW_NONPRESENT_DEVICES=1
and hit Enter.

 - Then (again from the command prmopt) type
START DEVMGMT.MSC
and hit Enter.

 - Device manager will start, in device manager click the View menu and select "Show hidden devices".

 - Now under Network Adapters you will see the old network adapter and can remove it.