Archive

Archive for the ‘Quickie’ Category

Quickie: I really don’t like Antiviruses especially ESET

February 22nd, 2013 No comments

Here is one reason why I don’t like ESET Antivirus:

Fuck the ESET

I don’t think it needs any comments 😀

Here is official website I saw it at.

Quickie: Remove Domain Controller role from Exchange 2007 server

January 29th, 2013 No comments

Last night I removed Domain Controller Role from Exchange 2007 server and we had problem in the morning with Exchange Outlook Web Access (OWA). We couldn’t log in at all. Symptomps:

  • Form based authentification was enabled, but Basic was proposed to clients instead
  • When users logged in they received 440 Login Timeout error

After couple minutes of googling I found this article which solved problem.

IMHO when computer was demoted from domain controller role it created local SAM database and didn’t use domain created accounts IUSR_ComputerName and IWAM_ComputerName.

 

Quickie: GPO Preferences variables

January 21st, 2013 1 comment

When you want to use system variables in GPO Preferences you can do so. For example: if you want to create folder on user’s desktop called as computer name, you can use variable in New Folder Properties:

 

GPO Preferences for New Folder

If you don’t know what variables you are able to use in Preferences input fields you can press F3 and it will display you a list of variables you can use:

 

List of variables in GPO Preferences

 

I just found info at Microsoft.

Categories: GPO, Microsoft, Quickie Tags: , , ,

Quickie: Service Accounts description

January 14th, 2013 No comments

More often I see people (IT admins) not understand differences between Local Service Accounts so I decided to write more about it:

SYSTEM

This account has full access to local computer. It can access network resources with rights (account) of the computer. This account has full access to domain it self when used on Domain Controller.

LOCAL SERVICE

This account has same right as local Users group. It goes to network as annonymous user (null session).

NETWORK SERVICE

It’s almost same as LOCAL SERVICE. Only difference is that it uses computer account to access network resources.

Quickie: Exchange Empty Submission queue

January 14th, 2013 No comments

Today I was solving problem with open relay Exchange server. I came to server and it was full of SPAM e-mail messages. I needed to clean all this mess from Submission queue. I used following command:

Get-Message -Filter {FromAddress -eq “<>”} -Server MAILSERVER | Remove-Message

That’s all folks 🙂

 

Quickie: GetMac.exe

November 30th, 2012 No comments

I was just browsing Internet a looking for built-in utilities in Windows. I found one nice one getmac.exe which can get the list of MAC addresses on local or remote computer. It’s nice utility and it’s better to use it to find out MAC addresses, because looking into ipconfig /all verbose output is very time consuming (look in it when IPv6 is enabled). 🙂

Also ipconfig cannot be run on remote machine without using other utility (for example psexec).

More information here.

 

Quickie: Software Restricion Policy vs AppLocker

November 30th, 2012 No comments

Just a quick image about differences between “old” Software Restricion Policy and “new” AppLocker:

Software Restiction Policy vs AppLocker

Now it’s easy to describe and remember.

 

Quickie: How to find out some info about user in AD for free

November 14th, 2012 3 comments

Sometimes you need to find out some basic informations about user in domain when you are regular user. You can use command:

net user USER_name /domain

and you get some informations:

net user /domain

net user /domain

Thanks to my coleague Peter Ivanco 🙂

Categories: Quickie, Windows Tags: ,

Quickie: vShere PowerCLI to change NTP settings

November 8th, 2012 No comments

I had to change NTP servers on 40 ESX servers today. When I started to click this settings via vShere Client I was bored after two pieces 🙂 Then I have decided to use vShere PowerCLI.

Run vShere PowerCLI. Then I had to connect to Virtual Infrastructure server:

Connect-VIServer vCenterSERVER_Name.domain

List all ESX servers and put this list into variable:

$hosts=Get-Cluster Cluster | Get-VMHost

And the last, run couple commands to proceed:

ForEach ($ESX in $hosts)

{

     Remove-VMHostNtpServer -NtpServer “NTP_SERVER_OLD1” -VMHost $ESX | Out-Null;

     Remove-VMHostNtpServer -NtpServer “NTP_SERVER_OLD2” -VMHost $ESX | Out-Null;

     Add-VmHostNtpServer -NtpServer “NTP_SERVER_NEW_01” -VMHost $ESX | Out-Null;

     Add-VmHostNtpServer -NtpServer “NTP_SERVER_NEW_02” -VMHost $ESX | Out-Null;

     Get-VMHostService -VMHost $ESX | Where-Object {$_.key -eq “ntpd” } | Restart-VMHostService -Confirm:$false | Out-Null

}

And everything was set in couple of seconds 🙂

Remove-VMHostNtpServer – removes NTP settings for ESX

Add-VMHostNtpServer – adds NTP settings for ESX

Last command restarted ntpd service.

Have a nice day,

 

Quickie: Add your photo into AD

November 7th, 2012 No comments

More and more are people working with Outlook 2007+, using Lync clients, … all of these applications have ability to show pictures of users in their interface. Let’s look how to implement picture into AD for some users.

Picture in AD is stored in one AD attribute called thumbnailPhoto. We need to put picture into this attribute. Exchange servers and other services use Global Catalog Domain Controllers to resolve attributes for objects in domains. So first of all we need to make sure attribute thumbnailPhoto is propagated into Global Catalog database. We need to modify properties of attribute thumbnailPhoto:

  • Register MMC snap-in for Active Directory Schema running command:

Regsvr32 schmmgmt.dll

  • Open up Active Directory Schema MMC snap-in
  • Under Attributes look for thumbnailPhoto and open its properties
  • Check option “Replicate this attribute to the Global Catalog”

Edit thumbnailPhoto properties

Edit thumbnailPhoto properties

Read more…