Thursday 23 December 2010

Slow RDP refresh

A great read...

http://blog.tmcnet.com/blog/tom-keating/microsoft/remote-desktop-slow-problem-solved.asp

This command seems to help:

netsh interface tcp set global autotuninglevel=highlyrestricted

netsh interface ip set global taskoffload=disabled

Monday 20 December 2010

Symantec Endpoint server firewall rules

netsh firewall add portopening TCP 8443 "Symantec server port"
netsh firewall add portopening TCP 9090 "Symantec management console port"
netsh firewall add portopening TCP 8014 "Symantec client communication port"

Thursday 21 October 2010

Error during the configuration of the host:Failed to update the disk partition information

vSphere client issues this error when creating storage on an iSCSI SAN, in this caseMD3200i

Error during the configuration of the host:Failed to update the disk partition information

This was cuased by me etting the LUN paths to Round Robin rather than Fixed which was the VMware default.

Wednesday 20 October 2010

How to move a DHCP database from a computer that is running Windows Server 2003 to Windows Server 2008

Export the DHCP database from Windows 2003:







1. On the Windows 2003 DHCP server, navigate to a command prompt
2. Type the following Command: netsh
3. Type the following Command: DHCP
4. Type the following Command: server name or ip address
5. Type the following Command: export c:\w2k3DHCPdb all

Note You must have local administrator permissions to export the data.

Import the DHCP database


1. Copy the exported DHCP database file to the local hard disk of the Windows Server 2008-based computer.
2. Install the DHCP Role on the server.
3. Stop the DHCP server service on the server. To do this, follow these steps:

a. Log on to the target DHCP server by using an account that is a member of the local Administrators group.

b. Click Start, click Run, type cmd in the Open box, and then click OK.


c. At the command prompt, type net stop DHCPserver , and then press ENTER. You receive a "The Microsoft DHCP Server service is stopping. The Microsoft DHCP Server service was stopped successfully" message.


d. Type exit, and then press ENTER.

4. Delete the DHCP.mdb file under c:\windows\system32\DHCP folder.
5. Start the DHCP server service.
6. Right-click on the Command Prompt (cmd) and select run as administrator, to open the cmd prompt using elevated privileges.

Note You must have local administrator permissions to import the data.


7. Type the following Command: netsh
8. Type the following Command: DHCP
9. Type the following Command: server name or ip address
10. Type the following Command: import c:\w2k3DHCPdb
11. Restart DHCP and verify the database has moved over properly.


From: http://support.microsoft.com/kb/962355

Thursday 14 October 2010

Creating PTR records with BT static IP addresses

If you need to create a PTR record for a BT static IP address you need to send an email to:

reverse.dns@btbroadbandoffice.com

Stating your broadband phone number, static IP address and which host you want it pointing to.

Tuesday 12 October 2010

UK ISPs IP address ranges

Vodafone UK
212.183.128.0 - 212.183.159.255



O2 mobile
82.132.128.0 - 82.132.143.255
82.132.192.0 - 82.132.255.255




Blackberry
93.186.16.0 - 93.186.23.255


T-Mobile
149.254.0.0 - 149.254.255.25

Opal Telecom

89.241.0.0 - 89.243.255.25
2.96.0.0 - 2.103.255.255



TalkTalk
92.0.0.0 - 92.15.255.255



BT Public Internet Services
31.52.0.0 - 31.53.255.255

62.7.176.0 - 62.7.183.255
81.128.0.0 - 81.159.0.0
86.128.0.0 - 86.191.255.255
109.144.0.0 - 109.159.255.255
213.120.0.0 - 213.123.255.255
217.32.0.0 - 217.47.255.255

BeThere

93.96.0.0 - 93.96.255.255
78.105.0.0 - 78.105.127.255

Demon

83.104.0.0 - 83.107.255.255
80.176.0.0 - 80.177.255.255

Telewest Broadband

82.32.0.0 - 82.47.255.255

Virgin Media

80.0.0.0 - 80.7.255.255
80.235.128.0 - 80.235.159.255
81.104.0.0 - 81.107.255.255
82.24.0.0 - 82.31.255.255
82.42.144.0 - 82.42.151.255
86.0.0.0 - 86.31.255.255

Tiscali

81.6.192.0 - 81.6.255.255
82.132.128.0 - 82.132.143.255
82.132.192.0 - 82.132.255.255

Sky Broadband

90.192.0.0 - 90.223.255.255

EasyNet

87.80.0.0 - 87.87.255.255


PlusNet
87.112.64.0 - 87.115.127.255
46.208.0.0 - 46.208.65.255

Murphex
109.170.128.0 - 109.170.255.255

Wednesday 29 September 2010

Get all SMTP addresses from Exchange server

dsquery * -filter "(&(objectCategory=person)(objectClass=user)(mail=*))" -attr mail displayname -limit 0 > email_addresses.txt

Tuesday 28 September 2010

Vodafone UK IP addess range

If you need to allow mobile phones in though a firewall the UK Vodafone IP range is:

212.183.128.0 - 212.183.144.255

Tuesday 7 September 2010

Exchange 2010 - Quickly install all the required features to install Exchange 2010

To quickly install all the required features to install Exchange 2010

Open the CMD prompt, move to the \scripts folders on the Exchange 2010 DVD and execute this command.

servermanagercmd -ip Exchange-Typical.xml

Monday 6 September 2010

Installing Dell OpenManage on ESX

Download tarball
ftp://ftp.dell.com/sysman/om_6.0.1_Mannode_A00.tar.gz (check for the latest version)

winscp to /root/temp

unzip
tar -zxvf om_6.0.1_Mannode_A00.tar.gz

run from /linux/supportscripts
sh ./srvadmin-install.sh --express

Restart service
srvadmin-services.sh start

Install firewall Opmanger settings

esxcfg-firewall --o 1311,tcp,in,OpenManage

Wednesday 18 August 2010

Sophos SBE not updating - fix

services.msc

-stop sophos agent service
-stop sophos certification manager service
-stop sophos management service
-stop sophos message router service
-stop sophos update manager service

-c:\documents and settings\all users\application data\sophos\update manager\working (delete)

-c:\documents and settings\all users\application data\sophos\update manager\update manager\warehouse (delete)

-c:\documents and settings\all users\application data\sophos\update manager\update manager\cids (delete)-c:\program files\sophos\scc\sum\sum_status.xml, specialactions.xml, ~specialactions.xml (delete the 3 files in the folder)

-start services in reverse order


-update now in the console.

Thursday 5 August 2010

Windows / SBS 2008 C: low on space

I have discovered a great tool for freeing up space on a System drive of a Windows 2008 after SP2 has been installed computer. WARNING this rolls up service so that I CAN'T be installed.

compcln.exe


After...


On Windows 2008r2 the command is...

DISM.exe /online /Cleanup-Image /spsuperseded

Outlook 2007 'Your Out of Office settings cannot be displayed, because the server is currently unavailable. Try again later"

After an transition to SBS 2008, Outlook 2007 clients might get this warning when they try to open their Out Of Office Assistant.



You might also see this symptom below if you "Test E-Mail Autoconfiguration." in outlook.

Most troubleshooting websites point you to the certificate being incorrect. However the SBS wizard should have done the job correctly. I fixed this but disabling 'Require SSL' on the autodiscover virtual directory. If that does not work try the EWS virtual directory.

Great Exchange 2007 SSL tool

http://www.u-btech.com/products/certificate-manager-for-exchange-2007.html

Friday 2 July 2010

Quickly add Sophos management ports to SBS 2008 firewall

To allow the network PCs to communicate with the Sophos Control Center you need to open some ports on the SBS 2008 box. Issue these commands from the CMD prompt

netsh firewall add portopening TCP 8192 "Sophos Management"
netsh firewall add portopening TCP 8193 "Sophos Management"
netsh firewall add portopening TCP 8194 "Sophos Management"
netsh firewall add portopening TCP 8081 "Sophos quarantine digest"

Thursday 3 June 2010

Usefull ESX commands

df -h  lists the filesystems and space available.
perl -spi -e 's|PermitRootLogin no|PermitRootLogin yes|' /etc/ssh/sshd_config enables SSH for root, need to issue service sshd restart afterwards
vimsh -n -e /hostsvc/maintenance_mode_enter or _exi enter mainenance mode from the shell
vmkfstools -Ph -v 10 /vmfs/volumes/$$volume_label$$/ Check free file space as VMFS can only support 32k files
dd if=/dev/cdrom of="isoname.iso" makes an ISO from the CD-ROM in the host.
mkdir iso | chmod 777 iso Makes a directory called iso and sets permissions to read write.

Wednesday 2 June 2010

A great Exchange resource

http://www.howexchangeworks.com/

Outlook 2003 error after Exchange 2010 transition


If you get this error when you try and open legacy Outlook clients after a transition to Exchange 2010 you need to open the Outlook profile and click 'More options' and 'Security' and enable "Encrypt data between Microsoft Office and Microsoft Exchange Server"

This does not effect Outlook 2007 and 2010 clients as they connect another way.

See http://support.microsoft.com/kb/2006508 for more info, medthod 3 might be worth rolling out of you have a lot of legacy Outlook clients



Outlook 2007 / 2010 SSL warning


Even though you have forked out on a verified SSL cert, internal Outlook 2007/2010 clients get this warning when opening Outlook.

This is because the CAS is using the internal DNS name rather than the external name. For example https://mail.domail.local/ rather than https://mail.domain.com/

Set-WebServicesVirtualDirectory -Identity "CAS_Server_Name\EWS (Default Web Site)" -InternalUrl https://mail.contoso.com/ews/exchange.asmx

Set-OABVirtualDirectory -Identity "CAS_Server_name\oab (Default Web Site)" -InternalUrl https://mail.contoso.com/oab

Set-ClientAccessServer -Identity CAS_Server_Name -AutodiscoverServiceInternalUri https://mail.contoso.com/autodiscover/autodiscover.xml

See http://support.microsoft.com/kb/940726 for more info

Exchange 2010 Public folder permissions

If you need to alter public folder permissions with in Exchange 2010 you need to download and extract ExFolders program to the C:\Program Files\Microsoft\Exchange Server\V14\Bin folder.

http://msexchangeteam.com/files/12/attachments/entry453398.aspx

Exchange 2010 SSL Certificates

When you purchase a SSL cert for Exchange 2010 you can no longer get away with a cheaper SSL cert, you must purchase a UC or SAN certificate. I recommend http://www.instantssl.com/ssl-certificate-products/ssl-certificate-ucc.html

This is because you need a certificate for UM (unified messaging) even if you don't install the role.

See http://exchangeserverpro.com/configure-an-ssl-certificate-for-exchange-server-2010
for more help.

MSExchangeAL - EventID 8270 & 8315 : LDAP returned the error [32] Insufficient Rights when importing the transaction.


LDAP returned the error [32] Insufficient Rights when importing the transaction.

...and or


The service could not update the entry 'CN=User Name,OU=Special,,DC=local' because inheritable permissions are not propagated to this object. The inheritable permissions may be disabled because the object belongs to a Windows 2000 administrative group or the inheritable permissions were disable explicitly by an administrator. DC=footasylumltd,DC=local


Fixed by open the user detailed in the event and clicking the 'security' tab, click 'Advanced' and select/enable Include inheritable permissions from this object's parent.

You can easily find out who does not have this attribute set by installing AD Cmdlets tools and running this command.

Get-QADUser -SizeLimit 0 | where {$_.DirectoryEntry.psbase.ObjectSecurity.AreAccessRulesProtected}


(DUP) when you ping from ESX


64 bytes from xxx.xxx.xxx.xxx: icmp_seq=4 ttl=128 time=0.xxx ms (DUP!)

When you ping the VC from an ESX host you get (DUP!) if beacon probing is enabled under the vSwitch NIC teaming load balencing poilcy. This is only the case when "Route based on IP hash" is the case.

Exchange 2010 - OAB setup



When setting up Exchange 2010 there is no provision for legacy OAB, this needs to be configured. Open EMC 2010, navigate to Organisation Configuration and Mailbox, select Offline Address Book, open the properties of the 'Default Offline Address Book' click the distribution tab and enable "Web-based distribution".
Once you have OK'ed the settings you need to right-click 'Update', you will also have to open a CMD prompt and IISRESET