I like to keep my "Real" Users in a separate folder away from all the other system accounts. This ensures that only valid accounts are displayed if you use LDAP lookups for various applications (e.g. a network scanner).
Windows 2003 introduced a couple of new commands that allow you to change the default location:
Users:
ReDirUsr "OU=RealUsers,DC=domain,DC=com"
Computers:
ReDirCmp "OU=RealComputers,DC=domain,DC=com"
You need to run this on a Domain Controller, and you need the AD to be in Windows 2003 mode as a minimum.
As you want to ensure the path to the new directory is correct, I recommend Softerra LDAP browser (it's free) which allows you to connect to the AD with LDAP and copy object locations.
I hope this helps you out...please click on an advert to show your appreciation.
Friday, 26 August 2011
Tuesday, 16 August 2011
0x8007010b errors in Task Scheduler
Windows 7 and 2008 introduced a new, more comprehensive Task Scheduler.
While the "Create Task" button provides you with every option available, I could not run any tasks without the 0x8007010b error message.
It turns out that this error is caused by the "quotes" in the "Start in" field. The "Program/script" field needs quotes (if there is a space in the path to the file), but all quotes must be stripped from the "Start in (optional)" field.
It's counter-intuitive, but that's the way Microsoft wrote it.
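An added example, not part of the original post: 0x8007010b is the HRESULT form of Win32 error 267, ERROR_DIRECTORY ("The directory name is invalid"), which is what a quoted "Start in" path produces. The PowerShell below checks task XML for that condition; the function name Find-QuotedStartIn, the sample task and its paths are constructed for illustration.

```powershell
# Added example: Find-QuotedStartIn and the sample task are constructed for illustration.
# A "Start a program" action is stored as an <Exec> element; the "Start in" box is
# its <WorkingDirectory> child and "Program/script" is its <Command> child.
function Find-QuotedStartIn {
    param(
        [Parameter(Mandatory = $true)][string]$TaskXml,
        [string]$Name = '(inline sample)'
    )
    $doc = [xml]$TaskXml
    foreach ($exec in @($doc.Task.Actions.Exec)) {
        if ($null -eq $exec) { continue }             # task has no program action
        $startIn = [string]$exec.WorkingDirectory     # empty string when the box is blank
        if ($startIn -match '"') {
            New-Object PSObject -Property @{
                Task      = $Name
                Command   = [string]$exec.Command
                StartIn   = $startIn
                Suggested = $startIn.Replace('"', '')  # same path with the quotes stripped
            }
        }
    }
}

# Constructed sample: quotes are fine in Command, but not in WorkingDirectory.
$sample = @'
<Task version="1.2" xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
  <Actions Context="Author">
    <Exec>
      <Command>"C:\Program Files\Backup Tool\backup.exe"</Command>
      <WorkingDirectory>"C:\Program Files\Backup Tool"</WorkingDirectory>
    </Exec>
  </Actions>
</Task>
'@
Find-QuotedStartIn -TaskXml $sample | Format-List

# Scan the task definitions stored on this machine (run from an elevated prompt).
Get-ChildItem "$env:windir\System32\Tasks" -Recurse -ErrorAction SilentlyContinue |
    Where-Object { -not $_.PSIsContainer } |
    ForEach-Object {
        Find-QuotedStartIn -TaskXml ([IO.File]::ReadAllText($_.FullName)) -Name $_.FullName
    }
```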
Anyway, I hope this tip helps, and don't forget to click on the ads to show your appreciation :)
Friday, 5 August 2011
F5 URL and URI Variables
iRules are a fantastic feature of the F5.
Sometimes you need to do operations based upon the actual URL which has been typed and this page should give you a handy lookup guide to show which variables give up which parts of the URL.
Example URL: http://example.com/directory1/directory2/directory3/filename.html?argument1=value1&argument2=value2&argument3=value3
Variable | Description | Example |
[HTTP::host] | hostname | example.com |
[HTTP::uri] | Everything after the hostname | example.com/directory1/directory2/directory3/filename.html?argument1=value1&argument2=value2&argument3=value3 |
[HTTP::path] | the directory path and file name | /directory1/directory2/directory3/filename.html |
[HTTP::query] | everything after the ? | argument1=value1&argument2=value2&argument3=value3 |
[URI::path [HTTP::uri] depth] | number of directories | value of 3 |
[URI::path [HTTP::uri] 1 1] | directory 1 | directory1 |
[URI::path [HTTP::uri] 2 2] | directory 2 | directory2 |
[URI::path [HTTP::uri] 3 3] | directory 3 | directory3 |
[URI::query [HTTP::uri] "argument1"] | argument 1 | value1 |
[URI::query [HTTP::uri] "argument2"] | argument 2 | value2 |
[URI::query [HTTP::uri] "argument3"] | argument 3 | value3 |
[URI::basename [HTTP::uri]] | file name | filename.html |
If this page proves useful, please click on one of the adverts on the side
Monday, 11 April 2011
Moving Public Folders from Exchange 2003 to Exchange 2010
Migrating from Exchange 2003 can be a worrisome process.
Exchange is probably the most mission-critical server in your organisation, and you want to ensure that no data is lost.
Public folders are often overlooked, and it's only when you get towards decommissioning the server that you start to think about how to get the data off it.
The concept is easy: Exchange 2003 will only allow you to delete a PF store if all PFs are replicated on other servers.
Microsoft have provided a few scripts to help you set up the PF replication; they are located on the Ex2010 server in C:\Program Files\Microsoft\Exchange Server\V14\Scripts:
AddReplicaToPFRecursive.ps1 – adds a server to the replica list for a public folder and subfolders.
For example, to add EX2010 as a replica for all public folders on server EX2003 starting at the root folder of \ you would run this command.
AddReplicaToPFRecursive.ps1 -Server EX2003 -TopPublicFolder \ -ServerToAdd EX2010
MoveAllReplicas.ps1 – this script replaces all of the replicas on one server with the new server. It works over the whole Public Folder store so there is no need to specify the root folder.
To move all replicas from EX2003 to EX2010 you would run this command.
MoveAllReplicas.ps1 -Server EX2003 -NewServer EX2010
To check that the replicas have been set on the folders, you can run:
Get-publicfolder -recurse |fl identity,replicas
Once the replicas are all up to date, you should be able to remove the Ex 2003 public folder store.
I hope this tip proves useful for you, please remember to click on the ads to show your thanks.
Monday, 4 April 2011
Setting up Exchange 2010 to relay
By default, Exchange 2010 is locked down to stop unauthenticated users sending out emails to the Internet.
This is very good practice, but sometimes you do want this functionality (for example, I want my monitoring system to alert me by SMS, which involves sending an email to the phone provider).
First, you're going to need a new internal IP address. There might be ways around this, but this will minimise any security risks. You don't need another NIC; just add a second IP address to your existing one.
Once you have that set up, go to Server Config – Hub Transport:
Edit Default Receive Connector to only listen on the OLD IP address.
Actions – New Receive Connector
Follow the wizard filling in the information:
Name: RelayConnector
Use: Custom
Local Network settings:
FQDN:
Remote Network Settings:
Then edit the new Receive Connector so nothing is ticked on the Authentication Tab
Then make sure Anonymous users is selected on the Permissions Groups tab
Once this is done, open up Exchange PowerShell and allow anonymous users to authenticate using:
Get-ReceiveConnector RelayConnector | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "ms-Exch-SMTP-Accept-Any-Recipient"
You should then be able to relay from your own subnet to external IPs.
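The same connector built from the Exchange Management Shell, as an added example that is not part of the original post: it limits the connector's remote IP range to the one host that needs to relay, then lists every connector on the server that grants anonymous relay together with its allowed source ranges. The server name and all IP addresses are constructed placeholders.

```powershell
# Added example: run in the Exchange Management Shell.
# Server name and addresses are placeholders, not values from the original post.
$server  = 'EX2010'        # hypothetical Hub Transport server
$oldIP   = '192.0.2.10'    # existing address, kept by the default connector
$relayIP = '192.0.2.11'    # second address added to the same NIC
$allowed = '192.0.2.50'    # the only host allowed to relay (e.g. the monitoring system)

# Default Receive Connector listens on the old address only.
Set-ReceiveConnector "$server\Default $server" -Bindings "$($oldIP):25"

# Custom connector on the new address, reachable only from the allowed host.
New-ReceiveConnector -Name 'RelayConnector' -Server $server -Usage Custom `
    -Bindings "$($relayIP):25" -RemoteIPRanges $allowed

# Nothing ticked on the Authentication tab; Anonymous users as the permission group.
Set-ReceiveConnector "$server\RelayConnector" -AuthMechanism None `
    -PermissionGroups AnonymousUsers

# Let anonymous sessions on this connector submit mail for any recipient (relay).
Get-ReceiveConnector "$server\RelayConnector" |
    Add-ADPermission -User 'NT AUTHORITY\ANONYMOUS LOGON' `
        -ExtendedRights 'ms-Exch-SMTP-Accept-Any-Recipient'

# Review: every connector that grants anonymous relay, with its bindings and source ranges.
Get-ReceiveConnector -Server $server | ForEach-Object {
    $connector = $_
    $relay = $connector |
        Get-ADPermission -User 'NT AUTHORITY\ANONYMOUS LOGON' |
        Where-Object { -not $_.Deny -and ($_.ExtendedRights -like '*Accept-Any-Recipient*') }
    if ($relay) {
        New-Object PSObject -Property @{
            Connector      = "$($connector.Identity)"
            Bindings       = $connector.Bindings -join ', '
            RemoteIPRanges = $connector.RemoteIPRanges -join ', '
        }
    }
} | Format-List
```

A relay connector whose RemoteIPRanges shows 0.0.0.0-255.255.255.255 accepts mail for any recipient from every host that can reach the bound address, so the review output is worth re-checking whenever connectors change.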
I hope this tip helps you out... show your appreciation by clicking on an advert on the site.
Friday, 7 January 2011
Domain Administrator Can't Run ActiveSync on Exchange 2010
While deploying a new Exchange 2010 server I came across an annoying issue.
After testing the new server, I moved my mailbox over, and everything was good; however, my phone refused to connect using ActiveSync.
After much swearing, and a very useful visit to https://www.testexchangeconnectivity.com, I found out that Domain Admin accounts have Security Permissions inheritance blocked. This meant that the Exchange Servers group did not have the correct permissions on my mailbox.
To check whether inheritance is disabled on the user:
- Open Active Directory Users and Computers.
- On the menu at the top of the console, click View > Advanced Features.
- Locate and right-click the mailbox account in the console, and then click Properties.
- Click the Security tab.
- Click Advanced.
- Make sure that the check box for "Include inheritable permissions from this object's parent" is selected.
A few minutes later I was able to successfully sync my Android phone to my Exchange 2010 server.
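The same check scripted, as an added example that is not part of the original post: it reports which privileged accounts have inheritance blocked and re-enables it on one named account. It assumes the ActiveDirectory PowerShell module is available and uses adminCount=1 as the marker for accounts that are or were in protected groups; 'jsmith' is a placeholder account name.

```powershell
# Added example: needs the ActiveDirectory module (RSAT). 'jsmith' is a placeholder.
Import-Module ActiveDirectory

# Report: accounts marked adminCount=1 and whether their ACL blocks inherited permissions.
Get-ADUser -LDAPFilter '(adminCount=1)' | ForEach-Object {
    $acl = Get-Acl -Path "AD:\$($_.DistinguishedName)"
    New-Object PSObject -Property @{
        Account            = $_.SamAccountName
        InheritanceBlocked = $acl.AreAccessRulesProtected
    }
} | Sort-Object Account | Format-Table Account, InheritanceBlocked -AutoSize

# Fix one account: the scripted equivalent of ticking
# "Include inheritable permissions from this object's parent".
$user = Get-ADUser -Identity 'jsmith'
$path = "AD:\$($user.DistinguishedName)"
$acl  = Get-Acl -Path $path
if ($acl.AreAccessRulesProtected) {
    $acl.SetAccessRuleProtection($false, $true)   # $false = inherit from the parent again
    Set-Acl -Path $path -AclObject $acl
}
```

For members of protected groups such as Domain Admins, the AdminSDHolder/SDProp process reapplies the protected ACL (by default every 60 minutes) and turns inheritance off again, so the change does not persist; keeping the mailbox on a separate non-privileged account avoids the problem.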
I hope this article proves useful, please click on an advert to show your thanks.
Saturday, 1 January 2011
Tweak for more battery life on the Advent Vega
The Advent Vega has pretty impressive battery life, but if you want to squeeze even more life out of the beast, you may want to try this hack.
If you look at your battery stats, you'll see that the Device Standby process is sucking down a lot of the battery use... strange, that's the process for your cellular radio... and the Vega doesn't have a phone!
So, let's connect the Vega to the computer, and run the following ADB commands (these are from the android development kit).
adb shell mount -o remount,rw /dev/block/mmcblk0p5 /system
adb shell mv /system/app/Phone.apk /system/app/Phone.OLD
adb shell mv /system/app/TelephonyProvider.apk /system/app/TelephonyProvider.OLD
adb reboot
The Advent will reboot and when it comes up it'll be no longer running the useless process.
You'll also get a notification telling you that there is no signal... annoying, but at least you know it's worked!
To undo the changes, just run this script.
adb shell mount -o remount,rw /dev/block/mmcblk0p5 /system
adb shell mv /system/app/Phone.OLD /system/app/Phone.apk
adb shell mv /system/app/TelephonyProvider.OLD /system/app/TelephonyProvider.apk
adb reboot
Hopefully you'll find this hint useful, please click on an advert to show your appreciation :)