showing all posts
by lunarg on October 23rd 2017, at 11:28

As found on, a list of bandwidth consumption per codec.

It's worth mentioning that the table also indicates the total consumption including IP overhead. When making assumptions about bandwidth requirements, it is useful to take this overhead into account.

G.711 64 Kbps 87.2 Kbps
G.729 8 Kbps 31.2 Kbps
G.723.1 6.4 Kbps 21.9 Kbps
G.723.1 5.3 Kbps 20.8 Kbps
G.726 32 Kbps 55.2 Kbps
G.726 24 Kbps 47.2 Kbps
G.728 16 Kbps 31.5 Kbps
iLBC 15 Kbps 27.7 Kbps
by lunarg on October 19th 2017, at 12:00

You can easily verify whether an ADFS implementation is working by using a browser and trying to log on:

Replace accordingly.

Note that in 2016, this no longer works unless you re-enable this feature through Powershell:

Set-AdfsProperties -EnableIdpInitiatedSignonPage $true
by lunarg on October 10th 2017, at 14:36
To properly shut down the NetApp (through the CLI):

First, close down all I/O to the NetApp by dismounting volumes, turning off servers, etc.

Log in on the NetApp through the CLI, using either a console cable or via SSH. Note that if you use SSH, you will not be able to see the complete shutdown sequence.

On the first controller, turn off cluster failover: cf disable

Shut down the controller: halt

Log on to the other controller (using SSH or swap the console cable), then shut down that controller too: halt

Wait until the shutdown sequence has completed before removing power from the controller chassis, then turn off the enclosures. You can use a console cable to verify whether th  ...
by lunarg on October 9th 2017, at 14:42
To create an UEFI-bootable USB installer for ESXi 6.5 (or newer) on a Mac, follow the steps below.

First, you'll need an USB flash drive. Any recent drive will be large enough (you'll need at least 512MB). Also, download the latest ESXi installer ISO from My VMWare. You probably need a My VMWare account.

With the prereqs in place:

Insert the USB flash drive in the Mac and start up Disk Utility.

Erase the USB flash drive and choose to format it:Partition map = MBR

Filesystem = FAT32

Give it a descriptive name of your choosing.

After erasing the drive, we still have to mark the one partition on it as "active". Disk Utility does not support this and needs to be done using Termi  ...
by lunarg on October 9th 2017, at 11:20

The RLM module may become unresponsive and you may see the following messages in the Syslog:

The software driver for the Remote LAN Module (RLM) detected a problem: Unable to update SP network information at this time.

You can resolve the issue by rebooting the RLM from the CLI.

Log on using the CLI (SSH or console), then reboot the RLM.

CLI: rlm reboot

Wait for a while and verify the RLM is back online:

CLI: rlm status

The output of the command should report: Status: Online

by lunarg on October 6th 2017, at 12:55

I got this through the contact form. It's a jargon-free guide to computer and internet security. It provides a detailed explanation on how to properly secure your computer and internet experience, and best of all, it uses simple and understandable language, lowering the bar for everyone to secure themselves against malware, ransomware and other malicious attacks.

by lunarg on October 6th 2017, at 12:49

Although unsupported, it is possible to install Microsoft Security Essentials on a Windows Server 2012.

To do this, set the compatibility of the downloaded file to Windows 7, then start that file with the parameter /disableoslimit.

The installation goes without a problem, and as far as I can tell, there are no compatibility issues.

by lunarg on September 28th 2017, at 14:36

If for any reason you need to determine whether a specific instance of VMWare View Connection Server is installed as a standalone server or a replica server, you can do so by looking into the registry.

In HKEY_LOCAL_MACHINE\Software\VMware, Inc.\VMware VDM, the value ServerInstanceType will indicate which type the CS is:

1 = standalone/first CS
2 = replica CS

Note that this doesn't really matter, as the only difference between them is whether they set up a new ADAM instance or connect to an existing one. After the installation of VCS, they are identical.

by lunarg on September 21st 2017, at 09:54
Quest Rapid Recovery provides the ability to replicate restore points to off-site location. More than often, connectivity to these locations has limited bandwidth and is sometimes even unstable. Unfortunately, Rapid Recovery doesn't do well with unstable connectivity: more than often, replication jobs abort because of high latency. Luckily, you can tweak the timeout parameters through the registry:

HKEY_LOCAL_MACHINE\SOFTWARE\AppRecovery\Core\CoreSettings\ClientTimeoutSettings Increase the values of ReadWriteTimeout and ConnectionTimeout to 1 hour.

HKEY_LOCAL_MACHINE\SOFTWARE\AppRecovery\Core\Replication\ReplicationService Increase the values of VolumeImageSessionTimeout and RemoteReplicat  ...
by lunarg on September 16th 2017, at 10:28

You can very easily properly uninstall the Palo Alto GlobalProtect client on Mac OSX by running the included uninstallation script:

Open a Terminal and then run it by typing:

sudo /Applications/

Provide your password when asked and the script will uninstall GlobalProtect.

by lunarg on September 15th 2017, at 14:25
On October 31 2017, RPC over HTTP will be deprecated in Office 365, as stated here. This means that older Outlook versions (those that use RPC over HTTP) will no longer be able to connect to Office 365. The reason for this is that RPC over HTTP will be replaced in favor of the much newer MAPI over HTTP.

This switchover has an impact on all (older) Outlook versions that do not have the required update (incorporating MAPI over HTTP) functionality installed. Only Outlook versions that get this update will be able to connect to Office 365, resulting in the following changes:

Outlook 2007: no longer supported (there is no update).

Outlook 2010: only supported with SP2 and KB 2878264 installed   ...
by lunarg on September 15th 2017, at 11:52
Firefox 52 introduced an insecure form warning: whenever a password is requested on a web form through a non-SSL website (i.e. no "https"), Firefox displays a warning popup below the focused field:

While the gesture is appreciated (user awareness and all), it can become annoying. There is a way to turn the warning off through the advanced configuration of Firefox:

Start up Firefox and enter the following URL in the address bar: about:config

You'll get a This might void your warranty! page. Click the I accept the risk! button to continue.

You'll get a list of everything there is to configure in Firefox. In the search bar, paste the following value to quickly locate the correct p  ...
by lunarg on September 15th 2017, at 10:06
Sometimes it may become necessary to make changes to a DHCP scope on your Windows DHCP Server. Unfortunately, for existing scopes, not all scope options are editable, and it can become quite a hassle to recreate the scope, especially when there are a lot of reservations. Luckily, there's a workaround which allows you to edit the scope options, which is by using netsh.

It is not possible for netsh to directly edit scope options, but you can create a dump of the complete scope configuration (including all reservations), edit the resulting file, and import it back into the DHCP server. For this to work, you'll need admin (elevated) privileges on the DHCP server.

The procedure described  ...
by lunarg on September 12th 2017, at 10:31

One of the most common Exchange admin tasks is setting mailbox delegations. Personally, I usually do this through EAC but once you're familiar with the Powershell counterparts, it can be quicker to use that instead. I've created this post as a reference to do just that.

In the reference below, the user "Ellen Somebody" requires access to the mailbox of "John Doe".

Send on Behalf

Set-Mailbox john.doe -GrantSendOnBehalfTo ellen.somebody

Send As

Add-ADPermission john.doe -ExtendedRights Send-As -user ellen.somebody

Full Access

Add-MailboxPermission -Identity john.doe -User ellen.somebody -AccessRights FullAccess -InheritanceType All
by lunarg on September 12th 2017, at 09:47
Occasionally, you may encounter AD account lockouts and the reason for the lockout is not always apparent. Enabling NETLOGON logging on your domain controllers may help in this regard. The NETLOGON log file will provide a detailed logging of all NETLOGON events and helps you to trace the originating device on which the logon attempts (and subsequent lockout) occurs.

To enable NETLOGON logging, run the following command (from an elevated command prompt):

nltest /dbflag:0x2080ffff

The parameter is a integer value of flags, and 0x2080ffff is the highest level, showing detailed timestamps, the domain controller clients authenticate against, client site, account password expiration, and much m  ...
by lunarg on August 23rd 2017, at 14:11

Hyper-V does not allow to be installed on a machine that's already virtual (such as on another Hyper-V or VMWare). For VMWare, you can circumvent this by adding custom configuration parameters to the VM's configuration.

Add these to the VM's configuration, either through the vSphere (web)client, or by directly editing the VMX-file:

hvh.enable = TRUE
hypervisor.cpuid.v0 = FALSE 

If you're editing the VMX-file, you need to enclose the values (behind the =) in double quotes (").

by lunarg on August 22nd 2017, at 15:09

Older, obsolete releases of Ubuntu are no longer available on localized mirrors. Instead, you must use the old-releases repositories. This is done by replacing the repository entries in /etc/apt/sources.list:

  • →

For example:

would become

by lunarg on August 22nd 2017, at 13:49
After successfully extending a partition on a VM, Disk Management shows the correct partition size but Explorer still shows the old size, even after a reboot.

The reason for this is that while the partition has been extended to the new size, the filesystem itself has not. Normally, Disk Management should first extend the partition, then the filesystem, but for some reason, the second part did not happen.

To resolve, perform an extension of the volume using diskpart.

Open an elevated command prompt and start diskpart (type diskpart and press Enter).

List all volumes to find out which volume number corresponds with the drive you need to resize: DISKPART> list volume

Select the volume  ...
by lunarg on August 18th 2017, at 14:27
There's an issue with the Shorewall package in Debian 9 Stretch, causing Shorewall not to automatically start even when the required configuration files are in-place and/or modified. As stated here, the problem also exists on Ubuntu with some versions of the package (see article).

The problem lies with the package not enabling the startup script in systemd during installation. The solution is to manually enable this by running the following command (as sudo):

systemctl enable shorewall.service

This will enable Shorewall to automatically start during a reboot. Note that you will still have to set the correct parameters in /etc/default/shorewall (and possibly /etc/shorewall/shorewall.conf t  ...
by lunarg on August 9th 2017, at 12:20

You can easily run Transact-SQL (T-SQL) script files (with extension .sql) via the commandline utility sqlcmd:

sqlcmd -S Server\Instance -i C:\path\to\SomeScript.sql

By default, the output is written to the command prompt. You can also save the output to a file:

sqlcmd -S Server\Instance -i C:\path\to\SomeScript.sql -o C:\path\to\TheOutput.txt

Note that when using this, no output is written in the command prompt window.

showing all posts