Backtrack:  
Blog
 
showing all posts
Configure Internet Explorer (and Chrome) proxy settings through VBScript
edited by on June 12th 2015, at 13:14
Attached to this article are scripts to configure proxy settings for Internet Explorer (all versions). As Google Chrome uses the IE settings for their proxy settings, it can be used for that browser as well. I know there are other, far better methods for configuring proxy settings for clients, but continue your read to see why they were not usable in this particular case.

I ran into a customer where they were still using Internet Explorer Maintenance in their group policies to configure proxy settings for their clients. As a result, all users who got more recent computers did not get the proxy settings, as they were running Internet Explorer 10 or newer. Starting from IE10, configuration of  ...
 
Convert Exchange mailbox to another type
edited by on June 11th 2015, at 15:09

You can easily convert an Exchange mailbox from one type to another through the Exchange Management Shell.

Set-Mailbox -Identity user.name -Type Regular

There are four types you can use to convert to:

  • Regular (User mailbox);
  • Shared
  • Equipment
  • Room

The Equipment and Room types are used for reservations of meeting rooms and equipment (DLP).

 
ZeroHedge reveals: 10 countries dead within two decades
edited by on June 11th 2015, at 13:33
ZeroHedge, a controversial financial and economical blog, is particular popular on Wall Street, because of its "straight-up" mentality. Although their writers often seem to have well-founded sources when it comes to financial news, sometimes they manage to have borderline conspiracy theories.

Their latest prediction is about ten countries that will disappear in the next two decades. According to the author, each of these countries have all the indications and the potential of disappearing very soon, whether it's because of economical, political or environmental causes.

The full article: http://www.zerohedge.com/news/2015-06-03/10-countries-dead-within-two-decades

From least like  ...
 
Top 10 countries to move to after retirement
edited by on June 11th 2015, at 12:37

The Natixis Global Retirement Index, compiled by Natixis Global Asset Management, determines the most ideal countries to move to after retirement. The organization analyzes 150 countries on the quality of live of its retired population, based on different criteria, such as: access to health care, life expectancy, tax, income egality, investment opportunities, and general quality of life. According to the research, based on those criteria, the following top 10 countries are the most ideal to live in after retirement:

  1. Switzerland
  2. Norway
  3. Australia
  4. Iceland
  5. Netherlands
  6. Sweden
  7. Denmark
  8. Austria
  9. Germany
  10. New Zealand
 
NETLOGON wait operation timed out when demoting a 2003 domain controller
edited by on June 10th 2015, at 16:04

When demoting a 2003 domain controller using dcpromo, you may run into the following error:

Error
The operation failed because:

Failed to configure the service NETLOGON as requested

"The wait operation timed out"

The error message is quite misleading as the real cause has got nothing to do with NETLOGON, but is in fact a DNS issue. You will most likely have the server's primary DNS pointing to itself using loopback address (127.0.0.1) or its own IP address.

You can correct the issue by having the DNS point to remaining domain controllers, and remove any DNS pointing to itself (i.e. loopback address or any other IP owned by the server being demoted).

 
Find certificate authority servers in your Active Directory (AD) domain
edited by on June 10th 2015, at 14:29

There are two ways to see which Certificate Authority servers exist in your AD domain.

1. Check the Cert Publishers group

The AD group Cert Publishers contain the servers that are permitted to publish certificates to AD. As a consequence, this gruop will contain all servers that are CAs.

2. Use certutil

You can use the certutil command to view (and select from) a list of CAs in the current AD domain:

certutil -config - -ping

Note: type the command as-is, including all spaces and hyphens.

A window will appear, listing the CA name and the server it runs on.

 
An error (1301) occurred while enumerating the groups. The group's SID could not be resolved
edited by on June 10th 2015, at 14:20
After migrating AD from 2003 to 2012, I ran into this issue on a RADIUS server running 2008 R2, used for authentication. When attempting to retrieve AD information for a particular user, the following error appeared:

Error
An error (1301) occurred while enumerating the groups. The group's SID could not be resolved.

The solution (at least for Windows 7 and 2008 R2), is to install hotfix 2830145.

The hotfix is only available by request through e-mail.

When attempting to log on to a 2012-based domain controller, the following SIDs are unmappable:

S-1-18-1 : Authentication authority asserted identity

S-1-18-2 : Service asserted identity

2012 introduces two new securit  ...
 
15 Things to Do After Installing Ubuntu 15.04 Desktop
edited by on June 9th 2015, at 16:18

Nice article about things you can do after a fresh install of Ubuntu on your computer:

http://www.tecmint.com/things-to-do-after-installing-ubuntu-15-04-desktop/

Very useful if you don't have a whole lot of experience with linux in general, and Ubuntu in particular.

 
About Internet Explorer Administration Kit (IEAK)
edited by on June 9th 2015, at 10:47

It has always been a bit tedious to manage and customize Internet Explorer through group policies, especially when your network has different versions of Windows and/or different versions of Internet Explorer.

To reduce complexity of maintaining Internet Explorer in a network, since long, Microsoft has made available the Internet Explorer Administration Kit. This tool allows you to exert more control over Internet Explorer, its settings and its behaviour.

More information and downloading the IEAK: https://technet.microsoft.com/en-us/ie/bb219517.aspx

 
Unauthorize Windows DHCP server error
edited by on June 8th 2015, at 10:36
Upon unauthorizing a Windows DHCP server, you may get the following error:

DHCP
The parameter is incorrect.

Most commonly, there are two reasons for this error to occur.

If you have just unauthorized a DHCP server, it may take a while for AD to replicate the change to other domain controllers. As a result, the DHCP server may still think it's authorized, whereas it is not. Either wait for, or trigger AD replication throughout your network.

Another reason for this error to occur is the presence of another DHCP server in AD that no longer exists. You can check this with the netsh dhcp command, available on any server with the DHCP server role installed:

netsh dhcp show server

Run the com  ...
 
Difference between index rebuild and reorganize on SQL Server
edited by on June 8th 2015, at 09:47
Maintaining indexes on your table is an important part of keeping your database healthy and its performance adequate. There are two maintenance operations for any index: rebuilding and reorganizing. Both operations were designed to get rid of index fragmentation, but differ in how this is done.

 RebuildReorganizeWhat it doesDrops the existing index and recreates it from scratch.Physically reorganizes the leaf nodes of the index.When to useIndex fragmentation >= 40%Index fragmentation >= 10% and < 40%Impact on systemHigh.

Database will be offline during process, unless you have Enterprise Edition and have enabled the ONLINE option. Online rebuild requires more resources than o  ...
 
New look for Office365 OWA with Gmail-style avatars
edited by on June 5th 2015, at 15:04

Office365 Outlook Web Access (OWA) has been updated with a new look. Most notable is the presence of Gmail-style avatars for the contacts:

 
Fortinet SSO agent connection password
edited by on June 5th 2015, at 14:53

A note of caution: when installing the Fortinet SSO Agent on a server, the option to secure connections from a FortiGate with a password is enabled by default, and a random password is assigned.

You have to turn off or change the password before you add the SSO agent in your Fortigate.

There's no mention of this in the manuals, so now you know...

 
No logon servers available in a inter-domain trust
edited by on June 5th 2015, at 10:40
If your inter-domain trust is down, and the eventlog reveals the following error:

Error
There are currently no logon servers available to service the logon request. (0x51F)

Then check the following:

Check whether you can still access the DNS servers at the other side: try using the name first, then try through IP. If DNS does not work, there's an issue with your DNS.

Check whether the DNS zones for the domain are still in place. If it exists, try performing a reload from master. If this fails, you either have connection issues, or the other side has removed the required zone delegation, preventing you from retrieving the zone information.

If you can neither connect through DNS or IP, ch  ...
 
Configure 802.1q VLAN trunk between Cisco and HP Procurve
edited by on June 4th 2015, at 15:30
This article briefly explains how to integrate a HP Procurve and Cisco in one network, and make sure the VLANs are correctly routed across the two switches. I avoid using the term "trunk" as the definition of a "trunk" differs greatly between Cisco and HP: a trunk on a HP Procurve refers in fact to a feature like Cisco's EtherChannel, something entirely different.

Note that for VLAN trunking to work between the two, you need to use the 802.1q protocol. Other protocols, such as Cisco's VTP and ISL do not work on HP Procurve, as they are both Cisco-proprietary.

Multi-port trunking is also outside the scope of this article, but the basics remain the same.

For both switche  ...
 
Enable SMB 1.0 on Server 2012R2
edited by on June 3rd 2015, at 16:08
On Windows 8.1 and Server 2012 R2, SMB 1.0 (aka CIFS) is no longer enabled by default. This means clients that don't support at least SMB 2.0 (for Windows: everything predating Vista/2008) can no longer directly connect to a 8.1/2012R2 server, and instead, are presented with an error if they attempt to do so:

Error
The specified network name is no longer available.

You can re-enable SMB 1.0 support by installing the SMB 1.0/CIFS support feature on your server.

Some users reported that even after enabling this feature, they could not access shares on the server. Apparently, the SMB 1.0 driver is not loaded properly, because of a missing dependency on the Server service (aka LanmanServer).
  ...
 
NT4 workstations in a 2008 R2 domain
edited by on June 3rd 2015, at 15:47
As long as there are 2003 domain controllers in your network, your old NT4 workstations will be able to authenticate against your domain. As soon as you migrate those 2003's out of the network, you'll run into trouble. By default, Server 2008 R2 no longer accepts authentication requests from NT4 because they use cryptography that's too old and unsafe.

The best solution is to get rid of those NT4 machines, but if that's not possible, you can re-enable support for cryptography on your DCs through GPO.

Either edit the Default Domain Controller Policy group policy, or create a new GPO in the Domain Controllers OU.

Edit the GPO and navigate to: Computer Configuration > Administrative Templa  ...
 
OS supported SMB versions
edited by on June 3rd 2015, at 15:09
SMB (Server Message Block) is an application protocol, most commonly used for file and printer sharing. Although it was originally designed by IBM for use in OS/2, it has been adopted and improved upon by Microsoft as the primary protocol for file and printer sharing in their Windows for Workgroup. It has been in use ever since on Windows and a myriad of other OS flavours.

Although SMB is proprietary to Microsoft, SMB is also available on linux (through Samba), Apple (first Samba, then later, Apple's own SMBX), and a myriad of other OS vendors. In fact, Apple has replaced their own AFP in favour of SMB in their latest releases of Mac OSX. SMB has become the most commonly used protocol for f  ...
 
Exit Windows Explorer from the taskbar
edited by on June 3rd 2015, at 11:49

A bit of a hidden feature in Windows 8: you can actually "quit" Windows Explorer.

Right-click the (empty) taskbar while holding down Ctrl+Shift to reveal Exit Explorer as an additional menu item. Clicking it will then end Windows Explorer, leaving you with a blank screen, same as ending explorer.exe from the task manager.

You can then call up task manager (Ctrl+Shift+Esc), and start Windows Explorer again (File > Run > explorer.exe).

 
Check DKIM records with MXToolBox
edited by on June 2nd 2015, at 14:01

MXToolBox now also checks DKIM:

http://mxtoolbox.com/dkim.aspx

To use, enter your domain name follow by a colon (:), then the DKIM selector to check (e.g. default)

Example:
mydomain.com:default
 
showing all posts
 
 
« November 2024»
SunMonTueWedThuFriSat
     12
3456789
10111213141516
17181920212223
24252627282930
 
Links
 
Quote
« I needed a password with eight characters so I picked Snow White and the Seven Dwarves. »