Nagios - Changing the opening page to tactical

Changing opening page of Nagios to tactical page

In Nagios 4.3.1 you will have to

vi index.php 

change the top $url to $url = 'cgi-bin/tac.cgi'

In older versions of Nagios...........

Changing the front page of Nagios to start with the Tactical Overview
To make the front page of the Nagios web interface show the tactical overview rather than a home page, edit /usr/share/nagios2/htdocs/index.html and replace this line:

FRAME SRC="main.html" NAME="main">

with this one:

Sudo vi /usr/local/nagios/share/index.php
Change Frame src = /nagios/cgi-bin/tac.cgi









http://tuxradar.com/content/nagios-made-easy

http://wiki.kartbuilding.net/index.php/Netsaint_/_Nagios

Great Plains 10 - "DOC 1 ERROR: Unknown GP field subtype '24397'"

Error message when trying to use Integration Manager

FIX:

Administration
 - - User Security

Select User
Select Company

Scroll down to "Power User"

Apply changes

Ubuntu, Apache

1. Install Ubuntu Server

2. Enable SSH Login (if using putty to connect)
https://help.ubuntu.com/6.06/ubuntu/serverguide/C/openssh-server.html

sudo apt-get install openssh-client openssh-server

3. Install Apache Web Server
sudo apt-get install apache2 php5 libapache2-mod-php5

sudo /etc/init.d/apache2 restart

Setup
http://www.unixmen.com/linux-tutorials/285-add-linux-host-to-nagios-server

create new file - "sudo nano filename"

http://www.unixmen.com/linux-tutorials/285-add-linux-host-to-nagios-server

Microsoft Great Plains: How to install Service Packs

BES Server Services (4.1)

MS Exchange 2007 Server Services

Blackberry Enterprise Activation

If Enterprise Activation stuck on "waiting for services"

Check if the Blackberry Policy Service is running - if not restart and try activation again

Terminal Server 2008 error when printing

Windows Presentation Foundation Terminal Server Print W has encountered a problem and needs to close.


When trying to print from Great Plains via RemoteApp.
You can still print if you click on the "dont send" button.

http://support.microsoft.com/kb/946411 

Fix: Applying .Net 3.0 SP 1

 

Windows 2008 - Terminal Server - Using RemoteApps

To use RemoteApps:

* Use Internet Explorer 8.0  (it doesn't work on Firefox)
* Use a PC with at least Windows XP SP3
* Enable Terminal Services --> via Internet Explorer add-on settings

RT (Request Tracker) - My project

FIRST PART OF THE PROJECT

Screenshots looks really good
http://blog.bestpractical.com/2008/07/today-were-rele.html#screenshots

Installation Guides
http://wiki.bestpractical.com/view/InstallationGuides

GET SERVER
 Download Ubuntu 9 Server
http://www.ubuntu.com/getubuntu/download-server

Ubuntu 9 Install from USB
https://help.ubuntu.com/community/Installation/FromUSBStick

Install RT
http://catcon.wordpress.com/2009/05/20/installing-request-tracker-3-8-2-on-ubuntu-server-9-04/
http://wiki.bestpractical.com/view/UbuntuInstallGuide

Windows 2008/Vista User startup folder....

c:\Users\user name\AppData\Roaming\Microsoft\Windows\Start Menu\

Backup Exec Remote Agent Utility

How to use Backup Exec Remote Agent Utility

On the media  server

Terminal Server on Windows 2008

AD
- Check User profile
- - Check "Environment"
- - - Connect user drives on logon

Windows 7 - Adobe Flash spike CPU 100%

Terminal Server on Win2008 Server - GPMC

GPMC
- Install using Server Manager -- Features

Switch: HP Procurve 2610 (24/48 port) - Flash instructions

Flashing the switch

1.  Download latest firmware update

2. Conect to the console port with Console cable

2.a Connect to the port via Putty (serial)

2.b Setup static IP address on switch

3. Start TFTPD32 server om laptop

3.a Copy the new firmware to the tftp location

4. Patch the laptop into the switch and assign static IP Address

5. From Console mode - ping laptop

6. From Switch

Switch# en

Switch# conf t

Switch(config)#  copy tftp flash LAPTOPIPaddress I_07_68.swi

Switch(config)# The primary OS will be deleted (y/n) y

7. VERY important - Boot the switch into primary flash

Switch(config)# boot system flash primary

Select y

8. Verify you are using the primary flash - Show version

Switch# sh ver

9. Copying the show tech all command to txt file

switch# copy command 'show tech all' tftp Laptop IPADDRESS filename.txt

ArcServe - how to rest the caroot password

1. Open a command prompt on the server where you want to change/reset the caroot password.
2. In the command prompt browse to the drive where you have ARCServe installed (e.g. C:\Program Files\CA\...)
3. Once in the ARCServe folder type in the following: cstop
4. This will stop the ARCServe services that are running.
5. When all services are stopped open the Windows Explorer and browse to the folder:
C:\Program Files\CA\BrightStor ARCserve Backup\Data\Discovery
Here you will find a folder that has the name of your server.
6. Rename this folder.
7. Back in the command prompt type in the following: cstart
8. This will start the ARCServe services that were stopped in item 4.
9. Still in the command prompt type in the following:
Authsetup/p "password" where “password” is what you want the new password to be.
10. Close the command prompt and try to open ARCServe with the new password.

Microsoft Dynamics GP

Needs only .NET SP 2 (NO service packs)

Dynamics Database is the mail database
- stores all of the internal detail
- user accounts
- security details

Company databases
- stores company related information
- transactions

.vba = reports

reports are linked to the .dic files

new company created - deleted all of the c:\program files\Micro~D\GP$USA and copied all of dynamics into it

dex.ini = control file

dex.dic - change details
dynamics.set = change details

Disable sound warning - Avira AntiVir Personal

What an annoying sound!

Open Avira Personal

- Click on Administration
- Click Configuration
- Tick the "Expert Mode" box
- - Click on General (+)
- - Acoustic Alert
- - - No warning

Click OK

Procurve Switch 2610 - Log downloads using TFTP

Download TFTPD32

run the executable

Telnet to a server (using Putty

Switch# en
Switch# copy command-output 'show tech all' tftp YourIPAddress logfilename.txt

Once this is completed you will find the logfilename.txt where you've downloaded the TFTPD32

BES sending email to only a few blackberrys

See how some devices have messages pending and others not?
See also the last contacted time

Do a hard reset on the Blackberry

Remove the battery while the blackberry is still turned on - remove sim
Leave off for 5min
Startup

Blackberry hard reset actually restarts the blackberry properly - a shutdown from the (on/off) button won't restart it, it will only place the blackberry in a sleep mode.

This hard reset will force the blackberry to go back onto the network, as a reset don't leave the network properly.

CONTACT Service Provider and found out that 50% of their network is down.

BES Logs

c:\Program Files (x86)\Research in Motion\Blackberry Enterprise Server\Logs\

Exchange 2007 - Free/Busy not updating

Open PowerShell and use the following command:

Get-PublicFolder -Server yourservername "\non_ipm_subtree\SCHEDULE+ FREE BUSY" -recurve | Format-List

Run the following commands if you wish to add the replicas:

Set-PublicFolder -Identity "\NON_IPM_SUBTREE\SCHEDULE+ FREE BUSY\EX:/o=Company/ou=First Administrative Group" -Replicas "exchsrvr\Public Folder Database"

Set-PublicFolder -Identity "\NON_IPM_SUBTREE\SCHEDULE+ FREE BUSY\EX:/o=Company/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)" -Replicas "exchsrvr\Public Folder Database"

Once done:

OUTLOOK.EXE /cleanfreebusy (this will force Outlook to update immediately instead of waiting to be updated)

BES Problems - MSExchangeSA

BES Stopped sending emails to all blackberry devices at approx 1am this morning.

Exchange Server was restarted as well as BES (all services)

No apparent events in eventviewer - but this:

After restarting the Global Catalog Server - the blackberry server started to work.
Lesson: Don't just look at eventlog relating to the problem but look at a wider scope.

Further Information - What is NSPI and how does it work?

NSPI - Name Service Provider Interface

Reparing Corrupt Databases

Download LM2000 from http://sommestad.com/LM_2_1.htm (this is your freeware BDE (Borland) files)

Download Tutil32 from http://sommestad.com/LMP_3_8.htm

Download tutil32.dll and copy to c:\windows\system32\

Run Dtutil32 - select database - verify & rebuild

http://sommestad.com/LMP_3_8.htm

Firebox - CLI

SSH to your firebox ip address using port 4118

username admin:
password: your write password

config

interface ?

update AV

(config)# signature force-update AV

Forcing Client to sync with WSUS

I downloaded the unixutils from Sourceforge
http://sourceforge.net/projects/unxutils/

I got this following command from a very nice blog:

net stop wuauserv

REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v NextDetectionTime /fnet start wuauservwuauclt /detectnow

Then use the tail.exe -f command - to monitor the log file

Tail -f c:\windows\windowsupdate.log

MSAccess 97 Out of memory Error Mesasge

Load 2 updates:

Office 97 service Release 1 (SR-1)

http://www.microsoft.com/downloads/details.aspx?FamilyID=3D702F0B-4DA8-4FB2-80E4-CCFB8D3C1D0B&displaylang=EN

Office 97 Service Release 2 (SR-2)

http://www.microsoft.com/downloads/details.aspx?FamilyID=BEFD7842-602E-42B0-89D2-6BE39F1167C1&displaylang=en

Setting up Wamp Server and MediaWiki

Download Media wiki from http://www.mediawiki.org/wiki/Download

Download & Install WampServer 2 from http://www.wampserver.com/en/download.php

After the wamp installation click on the wamp icon in the tray

Please note that the Apache server needs to use port 80 and will not run if IIS is currently in use on the machine.

Install Apache, Mysql services (you will have to stop the service then do the install)

Copy the extracted media wiki into a folder called mywikipedia and copy into c:\wamp\www

Open http://localhost/mywikipedia and click on the install

My wiki configuration

Remember the mysql root pwd is by default blank.

To complete the installation, move config/LocalSettings.php to the parent directory. >> goto c:\wamp\www\mywikipedia\config\ and copy the localsettings.php to c:\wamp\www\mywikipedia\

Exchange 2007 - change DL-Group from non-universal to universal

Right click on the distribution group - select convert

I had to add a user that was on my Exchange server in Sydney to this group in LHR. So what I had to do was I added the user as a contact in Exchange "Contacts" and in the Active Directory "dsa.msc" as a contact - then added him to this distribution group.

A very good test before sending test message is to open an email - add the new distribution list to the email - open to see all members of the distribution group and check the very last added user to see whether you can see that users email address information.

Exchange 2007 Shell - Add user to distribution group

Add-DistributionGroupMember -Identity "Marketing Managers" -Member adam@contoso.com

WatchGuard (Firebox) Manager

Open WatchGuard System Manager

You can either right click and select the various components or you can click on the icons on the toolbar or you can click on Tools from the menu bar.

Below is a screenshot of the Watchguard System Manager:

Click on Connect to Device: (the little red icon with a down arrow)

Policy manager click on the (triangle)

Host Watch

To view a specific host - double click on the host name on the left hand side

A quick view of the policy manager

Sernum.vbs - Getting the serial number of a remote PC

Copy the following to a notepad file

ComputerName = InputBox("Machine Name To Query")
winmgmt1 = "winmgmts:{impersonationLevel=impersonate}!//"& ComputerName &""Set SerialN = GetObject( winmgmt1 ).InstancesOf ("Win32_BIOS")
For each Serial in SerialNMsgBox "Serial Number: " & Serial.SerialNumberNext

Safe as sernum.vbs - doubleclick to run - enter machine name and press ok/enter

Offer Remote Assistance

Start - run - gpedit.msc

- Administrative Templates
- System
- Remote Assistance
-- Offer Remote Assistance
-- R/click properties -enable

Close all

F1 - Tools

Offer Remote Assistance - -> Click on add to favourites

To use Remote Assistance --> just open F1 -> goto favourites - Remote Access and type in the IP Address

Add-MailboxPermissions

Add-MailboxPermissions

Add-MailboxPermission username -User towhom -Accessrights Fullaccess
Accessrights
- Fullaccess
- SendAs
- ExternalAccount
- DeleteItem
- ReadPermission
- ChangePermission
- ChangeOwner

Unix - 4 steps to installing a file

1. Download it with the wget command + correct url

2. tar the file - unzip

3. ./configure the file using correct user & group

4. make install

Installing Nagios 3.1.2 and Cacti 0.8.7e on Ubuntu server 9

I installed Ubuntu Server 9 onto VirtualBox.

I created a downloads folder

Used this link as instructions -

http://nagios.sourceforge.net/docs/3_0/quickstart-ubuntu.html
but this link contains invalid url's so I had to go and find these:

Then wget these:

wget http://sourceforge.net/projects/nagios/files/nagios-3.x/nagios-3.1.2/nagios-3.1.2.tar.gz/download

wget http://sourceforge.net/projects/cacti/cacti-0.8.7e.tar.gz/download/


Nagios Configuration:

./configure --with-command-group=nagcmd

make all
useradd nagios
make install-config
make install-commandmode

Now change the email address in the contacts file & save it :!wq

vi /usr/local/nagios/etc/objects/contacts.cfg

then setup password for Apache

htpasswd -c /user/local/nagios/htpasswd.users nagiosadmin

Restart Apache

/etc/init.d/apache2 reload

extract the nagios plugins

tar xzf nagios-plugins-1.4.10.tar.gz

./configure --with-nagios-user=nagios --with-nagios-group=nagios

Make
Make install

Config nagios to start automatically


My Nagios Config



Nagios executable: nagios

Nagios user/group: nagios,nagios

command user/group: nagios,nagcmd

install :/usr/local/nagios

lock file: ${prefix}/var/nagios.lock

chcek result directory: %{prefix}/var/spool/checkresults

init directory: /ect/init.d

apach conf.d: /ect/apache2/conf.d

mail program: /bin/mail

host os: linux-gnu



web interface options

HTML URL http://localhost/nagios

CGI URL: http://localhost/nagios/cgi-bin

Factory reset Blackberry 9000

BES - Services

BES Services Running on Win2003 Srv

BESAlert.exe
BlackBerryAgent.exe
BlackBerryController.exe
BlackBerryDispatcher.exe
BlackBerryRouter.exe
BlackBerrySyncServer.exe
ITAdminServer.exe

Event - Source AutoEnrollment ID: 15

Automatic certificate enrollment for DOMAIN\user failed to contact the active directory (0x8007052b). Unable to update the password. The value provided as the current password is incorrect.
Enrollment will not be performed.

---------------------------------

http://support.microsoft.com/kb/310461

Cause:

This problem may occur if the Autoenrollment feature cannot reach an Active Directory domain controller. In a Microsoft Windows NT 4.0 domain, Active Directory is not available. Therefore, the Autoenrollment feature cannot work. In an Active Directory domain that has Microsoft Windows 2000 or later domain controllers, the problem may be caused by a DNS name resolution or by network connectivity issue.

Back to the top

RESOLUTION

For a Microsoft Windows XP-based computer or a Microsoft Windows Server 2003-ba...

For a Microsoft Windows XP-based computer or a Microsoft Windows Server 2003-based computer that is joined to a Windows NT 4.0 domain, to turn off the Autoenrollment feature in the Local Group Policy, follow these steps on the local workstation:

1. Click Start, click Run, type gpedit.msc, and then press ENTER.
2. In the left pane, expand Computer Configuration, expand Windows Settings, expand Security Settings, and then expand Public Key Policies.
3. Double-click Autoenrollment Settings.
4. Click Do not enroll certificates automatically.
5. Click OK.
6. Repeat steps 2 through 5, but in step 2, expand User Configuration, expand Windows Settings, expand Security Settings, and then expand Public Key Policies.
7. Close the Group Policy window.

For a computer that is a member of a Windows 2000 or later Active Directory domain, make sure that the domain member has network connectivity with at least one domain controller.

After you have determined that you have good Internet Protocol (IP) connectivity between the member and a domain controller, correct the DNS address in the IP properties of the workstation. To do this, follow these steps:

1. Start the Network Connections tool in Control Panel.
2. Right-click Local Area Connection, and then click Properties.
3. Click Internet Protocol (TCP/IP), and then click Properties.
4. Type the correct DNS address in the Preferred DNS server box.
5. Click OK.

Exchange 2007 - Backups

Exchange 2007 - How to Change the First Storage Group log file location (to save running out of disk space)

Open the EMC - Click on Server Configuration - On Mailboxes Right Click the top Mailbox "First Storage Group" by default it will log through to c:\ if not changed.

The default log file location is:
:\Program Files\Microsoft\Exchange Server\Mailbox\First Storage Group

To Change the log file location of the First Storage Group

Open EMC
Server Configuration
Mailbox
R/C First Storage Group - Select Move Storage
This will take the Storage Group offline automatically and back online when its finished.

Exchange 2007 - EdgeTransport.exe.config.txt

To be found in c:\program files\Microsoft\Exchange Server\Bin\

Exchange 2007 - low disk space

Free up disk space:

Delete log files:

c:\windows\system32\LogFiles\W3SVC1\

Change the Queue Path.

Goto: c:\program files\Microsoft\Exchange Server\Bin

Make a Backup of EdgeTransport.exe.config.txt ie: EdgeTransport.exe.config.txt.20090715.txt

Edit EdgeTransport.exe.config.txt

Create a folder somewhere else (on another drive) - edit the folder's ACL to include System, Network Service (full access rights), Administrator

Change the path of the "QueueDatabasePath" value to the newly created folder.

Change the path of the tempstorage

Before you move you any files - stop the service Microsoft Exchange Tansport - and start when finished.

Using Diruse
from command line: diruse /s /m /q:1.5 /l /* "c:\program files\" /L .\diruse.log

This nice little command will log a snapshot of your directories in mb's - exceeding 1.5mb in size to c:\diruse.log

Run a normal Disk Cleanup Utility to clean some files up.

Run a defrag on the exchange database

http://technet.microsoft.com/en-us/library/aa998863.aspx

Exchanger 2007 - GAL & OAB Update

Get-GlobalAddressList | Update-GlobalAddressList -Verbose


Get-OfflineAddressBook| Update-OfflineAddressBook -Verbose

Add a persistant Route to Windows XP routing table

route ADD -P 192.168.0.8 MASK 255.255.255.0 192.168.0.1

IP Address followed by the Network MAsk and the Gateway

CIDR - Conversion Calculator

Just to make my life easier

http://www.subnet-calculator.com/cidr.php

Backing up Exchange 2007 using ntbackup

Ran out of disk space on my Exchange server on the c:| drive - tried to parse some logs but got this error when trying to backup using ntbackup:

The 'Microsoft Information Store' returned 'Functions called in an invalid sequence.

Make sure the Microsoft Information Stores (store.exe) is running.

Space Errors in Event log:

Source: MSExchangeTransport
Category:ResourceManager
Event ID:15006

The Microsoft Exchange Transport service is rejecting message submissions because the available disk space has dropped below the configured threshold.

Source: MSExchangeIS
Category: General
Event ID: 9518
Error Log disk full starting Storage Group /DC=uk/DC=co/DC=qsoft/DC=corp/CN=Configuration/CN=Services/CN=Microsoft Exchange/CN=Mail/CN=Administrative Groups/CN=Exchange Administrative Group (FYDIBOHF23SPDLT)/CN=Servers/CN=MAIL1/CN=InformationStore/CN=First Storage Group on the Microsoft Exchange Information Store. Storage Group - Initialization of Jet failed.

No backups have ever been made since we started utilizing this Server - so a recommended backup was suggested.


I couldn't backup due to the low space warning so I rebooted the Server and was able to do backups then.

NTbackup - Backup Types

Normal
Backs up selected files, and mark each file as backed up.

Copy
Backs up selected filed, but doen not mark any as backed up.

Incremental
Backs up selected files only if they were created or modified since the previous backup.

Differential
Backs up selected filed only if they were created or modified since the previous backup, but does not mark them as backed up.

Dialy
Backs up only files that were created or modified today.

Win XP Pro - Autologin

http://support.microsoft.com/kb/315231

Event - Source Userenv, Event ID: 1511

Event ID: 1511

Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.

Event ID: 1502

Windows cannot load the locally stored profile. Possible causes of this error include insufficient security rights or a corrupt local profile. If this problem persists, contact your network administrator.

DETAIL - The process cannot access the file because it is being used by another process.

2 FIXES - Boot into Safe mode and move the profile out of the way:

(Microsoft's way)

Create a New User Account

To create a new user account, follow these steps:

1. Start the computer in Safe Mode, and then restart the computer.
   1. After the Power On Self Test (POST), press the F8 key.
   2. On the Windows Advanced Options menu, use the ARROW keys to select Safe Mode, and then press ENTER.
   3. When you are prompted to select the operating system to start, select Windows XP <edition>, where <edition> is the edition of Windows XP that you have installed, and then press ENTER.
2. Log on as Administrator.
   1. On the "To begin, click your user name" screen, click Administrator.
   2. Type the administrator password, and then press ENTER.
      
      Note In some cases, the Administrator password may be set to a blank password. In this case, do not type a password before you press ENTER.
3. In Control Panel, click User Accounts.
4. Create a new user account. Windows makes a new directory for the account in the Documents and Settings folder.
5. Quit the User Accounts tool, and then restart the computer.

2nd Method

Backup files and wipe & reinstall XP

How to undelete a removed mailbox - Exchange 2007

Sometimes when you disable or remove a mailbox - you can't view it in the "Disconnected Mailbox" tab.

Run the Clean-Mailbox command.

Open Power Shell

Get-Mailbox Database

"this will display a list of mailboxes that was recently removed"

Clean-MailboxDatabase
Identity:

When prompted enter the mailbox database you want to clean

I suggest running it on all the Mailbox Databases (As you might have accidently put the user in a wrong database)

Exchange 2007 - Deleted Items Settings

Open the EMC

- Expand the Server Configuration
- Click on Mailbox -right click - Properties
- Click on the Limits Tab
- Set "Deletion Settings"

Event Viewer - Source: DNS, Event ID:4000

The DNS server was unable to open Active Directory. This DNS server is configured to obtain and use information from the directory for this zone and is unable to load the zone without it. Check that the Active Directory is functioning properly and reload the zone. The event data is the error code.

Fix:

on the mail rootdc run

dcdiag -fix

& a restart

Outlook 2007 cache

To remove Outlook Cache on Windows XP

\documents & Settings\username\Application Data\Microsoft\Outlook\Outlook.nk2

Better to just rename this file - when Outlook starts up again it will recreate this file.

Exchange 2007 - Interforest Migration Tip

Yesterday I had a ton of problems migrating mailboxes to the new Exchange Server.

What I've found is when you move a mailbox and you have to try it again, instead of disabling the mailbox that failed - use the command below:

-AllowMerge

This command dont' mind that you've already migrated a mailbox and won't throw up any errors.

ADMT Agent - how to stop it

Finding the ADMT Agent running on a workstation and how to kill it.

pslist \\pcname

ADMTAgnt

pskill -t \\computername -u user -p password "PID" (Process ID)

Exchange 2007 - Interforest Mailbox Move - Errors

"Failed to set basic mailbox information, will retry in 60 seconds"

"Error occurred in step - Approving object: failed to open object 'LDAP://qhqroodc1.corp.company.co.uk" There is no such object on the server.

Fix:- Disable half created mailbox on new exchange server (target server), disable user in new forest (target domain). Migrate user from source domain to Target domain, migrate mailbox again.

Unable teo offer "Remote Assistance" after inter forest domain migration

http://forums.techarena.in/windows-security/38417.htm

Unable to Logon to Win2003 Domain AD Due to Windows Cannot Connect to the Domain Error - PART 2

If your disk is encrypted with TrueCrypt you cannot use Ophcrack - as Ophcrack cannot see the partition.

So using the TrueCrypt Rescue Disk - I'm now decrypting the HDD - as when you've got an encrypted disk the disk will not boot or be accessible in any way if you don't put the boot-up password in first - so when running Ophcrack - it bypasses the password but won't allow you access to the hdd.

To Decrypt a HDD using TrueCrypt Rescue Disk
- -> Write the ISO to disk
--> Boot with ISO
--> F8 - choose [1] Permanently decrypt system partition/drive

grrrrrrrrrrr what a pain....

After decrypting the HDD I can run ophcrack - get the password & logins
Remove the Laptop from the domain - add it to a "workgroup" - without restarting
Remove the Computer Account from the domain
On the laptop - Join the new domain & restart

Unable to Logon to Win2003 Domain AD Due to Windows Cannot Connect to the Domain Error

Yesterday I migrated 8 workstation to a new domain. 6 Machines migrated absolutely fine, the other 2 couldn't see the domain and complained of "Unable to Logon to Win2003 Domain AD Due to Windows Cannot Connect to the Domain Error"

One of the 2 machines worked fine this morning (mind baffling!) but I still have this problem with a Dell Latitude D505 laptop.

Steps I'm taking.....

I am unable to login with any domain account (hence the error) nor my local administrators account.

1. Unplug the network cable

2. Login as local administrator - unable to - even with the network cable unplug the OS still seeks a domain to authenticate against.

Using Ophcrack

- Download the latest Ophcrack (2.3.0) -unable to find any partitions with hashes - and even unable to mount the NTFS drive.

Downloading an older version (1.2.2)

Day 1: ADMT - Inter forest migration

ADMT - falls over if you try to do more than 2 security translations - I've selected 5 machines, it completed only 2 and the other 3 were marked as "unable to ping" - which is nonsens as I was able to ping/connect to them.

Errors:
"Unable to access ADMIN$ share on PC"

FIX - add a admin user from the new domain to the PC

Errors:
"Unable to retrieve the DNS hostname for migrated computer "computername". The ADSI property cannot be found in the property cache (Hr=0x8000500d)

- unable to login to PC either via administrator or any user
- had to delete corrupt profile from source domain


User Migration

I've migrated 8 users without any problems

Workstation Migration

Upto 8 workstation
(out of the 8 only 2 gave problems - where they wouldn't join the new domain and had to be put back into the old domain then add to the new domain)

1 of the 2 problem machines refused to login to either domain or as local admin - had to decrypt the hdd and use Ophcrack to check the login details.

HP Procurve 2820 - copy config

Start TFTP Server

SSH via Putty to the Switch

copy running-config tftp "IPADDRESS" filename.txt

The switch config will be copied to c:\tftp-root\filename.txt

How to join a Win2003 Srv to a domain or change name

Start - Run "sysdm.cpl"

Click on Computer Name - click on Change

Exchange 2007 - Interforest Mailbox Move

(don't be hasty with this process...Exchange 2007 Server is set to Africa-time)

Mailbox Migration from Exchange 2007 to another Exchange Server 2007 in a new domain.

$SourceCredentials = Get-Credential
domain\user

$TargetCredential = Get-Credential
domain\user

Move-Mailbox -TargetDatabase "mail1\First Storage Group\Users" -Identity username -GlobalCatalog server.domain.co.uk -SourceForestGlobalCatalog server.domain -NTAccountOU "OU=User Accounts,DC=domain,DC=company,DC=co,DC=uk" -SourceForestCredential $SourceCredential -TargetForestCredential $TargetCredential

CONFIRM
Are you sure you want to perform this action?
Moving Mailbox username to database mail1\First Storage Group\Users. The operation can take a long time and the mailbox will be inaccessible until the move is completed.

[Y] Yes [A] Yes to All [N] No [S] Suspend ?

"Opening source mailbox....."

AT the end the status message (right at the bottom of the confirmation) should say This mailbox has been moved to the target database.

Errors that I've encountered so far:

Failed to set basic mailbox information.

Mailbox was created as a "linked-mailbox" what is a linked-mailbox?
A linked mailbox is a mailbox in a seperate trusted forest.

How to convert a linked-mailbox to a regular mailbox?

Set-Mailbox UserXX -Type Room

You can use the following values for the Type parameter:

• Regular
  
• Room
  
• Equipment
  
• Shared

Mailbox Migration changes the Alias & Primary SMTP Address?

Give the server time to process the new mailbox (especially) in my case where the new Exchange server have not been in use for a few months...just sitting there.

You can view the Eventviewer to doublecheck

AD - FSMO Roles (Quick Guide)

Active Directory FSMO (Flexible Single Master) Roles.

Microsoft's best practise advice you not to put the Global Catalog Role on the DC that holds most of the FSMO Roles. Always put the Global Catalog on another server.

AD Installation Wizard (DCpromo.exe) defines 5 FSMO Roles:

1. Schema Master
2. Domain Naming Master
3. PDC Emulator
4. RID Master
   
5. Infrastructure Master (for each respective domain)

To inspect FSMO Roles:

Run "dsa.msc" (AD Users and Computers) right click on domain



Click on Operations Masters to view Roles

Inter Forest Domain Migration

Steps to migrate user/computer/mailbox from Windows Server 2003 AD to a new AD Forest Windows 2003 Servers.

Inter Forest Domain Migration

Step 1

Add admin resource login to all workstations
domain\res_migrate

Step 2

Migrate Workstation
Check that Workstation was migrated

Step 3

Migrate all groups

Step 3.a

Migrate user Account & Check that user wat created
Make a list of & Add user build-in accounts.


Step 3.a

Run security translation wizard on workstation

Step 4

Change Username to new login-type

Step 4.a

Migrate Mailbox
Check & if successful delete mailbox on Cheetah2
Create new contact on old exchang server for user

Step 5

Change password & set to password to be changed once user login


Step 6

Force Replication
AD Sites.Srv - server - NTDS setting - Select Server
- R/C Replicate now

Step 7

Login to new domain using name.surname@company.co.uk


Step 8

Update the MTA's with new IP Address of new mail server

Delete Outlook cache - appl~\microsoft\outlook\outlook.nk2

Point to new Exchange Server

F*cking Exchange Inter Forest Mailbox Migration

Open Powershell on Exchange 2007

First you need to set your Source & Target Credentials.

$c = Get-Credential

(Here you will be asked to enter your login credentials (with domain admin rights) on current domain)

$t = Get-Credential

(enter login credentials for Target Domain Controller)

Move-Mailbox -TargetDatabase "pwgmail1\First Storage Group\Users" -Identity clone -GlobalCatalog ***rootdc1.corp.***t.co.uk -SourceForestGlobalCatalog manx99.**** -NTAccountOU "OU=Admin,OU=User Accounts,DC=corp,DC=****,DC=co,DC=uk" -SourceForestCredential $SourceCredential -TargetForestCredential $TargetCredential


Errors Encountered:

"Failed to reconnect to Active Directory" (what does this mean? not a f*cking idea)

Check the Eventviewer - this will tell you that it is unable to connect to the domain you are trying to migrate your mailbox to.

Active@ KillDisk - Low Level Format

http://www.killdisk.com/

Performs a low-level format, that completely erase a hard disk - so that no undelete software can be used to recover any of it.

The free version, erases with a one pass zeros.

XP File recovery (NTFS)

Use NTFS Undelete (freeware)

Download and burn the ISO to disc

The disc will autorun - choose recover, it will go off and see what you can recover, choose the files and let it recover.

Its recommended that you don't recover to the disc where you've lost the files on.

Download from http://ntfsundelete.com/

XP Pro IIS Admin

Download tool here:

http://www.jetstat.com/iisadmin/download.asp

Def:

XP Pro IIS Admin is a free tool that enable you to use/create multiple websites on XP Pro and easily switch between them.

Windows XP Pro only allow you to create one website.

IIS - Restart Options

Via Services MMC

To stop IIS Service

"services.msc"

Goto "World Wide Web publishing Service" - stop it


Or via the command line:

"cmd"

iisreset /?

/RESTART
/START
/STOP
/REBOOT
/REBOOTONERROR
/NOFORCE (attemps to stop gracefully)
/TIMEOUT:val
/STATUS - displays status of all Internet services
/ENABLE - enable restarting of Internet services on local machine
/DISABLE

Corrupt Windows XP Profile

Event Viewer Errors:

Windows cannot load the locally stored profile. Possible causes of this error include insufficient security rights or a corrupt local profile. If this problem persists, contact your network administrator.

Source: Userenv
Event ID: 1511

Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.

Login - create new profile and copy over profile data - from old data - DO NOT copy corrupt profile into new profile.

Sometimes small problems can be fixed by using this tool - to fix corruptions:

Download and use the "User Profile Hive Cleanup Service"- this will install itself as a service and monitors the profile - if it finds that the data in memory is not in sync with the profile it will flush the data in memory to disc - preventing "lost" data when you reboot or logoff - this is the only workaround to the problem in XP.

Test if an email address exist without sending mail

First - Find mail exchanger of reddit.com

COMMAND:
nslookup - q=mx reddit.com
RESPONSE:
reddit.com MX preference = 10, mail exchanger = mail.reddit.com
mail.reddit.com internet address = 208.96.53.70

Second - Connect to mail server mail.reddit.com

COMMAND:
telnet mail.reddit.com 25
RESPONSE:
220 mail.reddit.com ESMTP Postfix NO UCE NO UEMA C=US L=CA Unsolicated electronic mail advertisements strictly prohibited, subject to fine under CA law CBPC 17538.45. This electronic mail service provider’s equipment is located in the State of California. See http://www.reddit.com/static/inbound-email-policy.html for more information.

COMMAND:
helo hi
RESPONSE:
250 mail.reddit.com

COMMAND:
mail from: youremail@gmail.com
RESPONSE:
250 2.1.0 Ok

COMMAND:
rcpt to: mailbox.does.not.exist@reddit.com
RESPONSE:
550 5.1.1 : Recipient address rejected: User unknown in local recipient table

COMMAND:
quit
RESPONSE:
221 2.0.0 Bye

Uknown PCI Device (on most new HP Workstations)

This is the Microsoft UUA Driver

Install PDFCreator without yahoo toolbar

From command line:

PDFCreator-0_9_8_setup.exe /silent /norestart /components=\"!toolbar\" /tasks=\"!
desktop_icon\"" /f"'

A Systems Administrator's - Must Have Books

1. Microsoft Exchange Server 2007 - Administrator's Pocket Guide

http://www.amazon.co.uk/Microsoft-Exchange-Server-Administrator%2527s-Companion/dp/0735623503/ref=sr_1_6?ie=UTF8&s=electronics&qid=1246283346&sr=8-6

2. The Practice of System and Network Administration

http://www.amazon.co.uk/Practice-System-Network-Administration/dp/0321492668/ref=sr_1_1?ie=UTF8&s=books&qid=1246283369&sr=8-1

3. Microsoft SQL Server Administrators Guide

http://www.amazon.co.uk/Administrators-Guide-Server-Microsoft-Windows/dp/0321397975/ref=sr_1_1?ie=UTF8&s=books&qid=1246283394&sr=1-1

4. Network Warrior (The things they never taught you in CCNA)

http://www.amazon.co.uk/Network-Warrior-Gary-Donahue/dp/0596101511/ref=sr_1_1?ie=UTF8&s=books&qid=1246283427&sr=1-1


5. Time Management for Systems Administrators

http://www.amazon.co.uk/Management-System-Administrators-Thomas-Limoncelli/dp/0596007833/ref=sr_1_1?ie=UTF8&s=books&qid=1246283446&sr=1-1

Switch Blog

Very nice blog :o)

http://brian-dao.blogspot.com/2007/06/procurve-switch-tftp-flash-update.html

Flashing HP Procurve 2824 (Firmware upgrade)

Connect with console cable (serial port)

Use Hyperterminal and connect to the specific serial prot

Start (Solar Winds) TFTP Server on your PC
- File
- Configure
- Start (to start the tftp server)

make sure the firmware is set to c:\tftp-root\ and that your root directory is set to that.

Copy newly downloaded firmware upgrades to c:\TFTP-ROOT\

on Switch

switch# conf t
switch(config)# ping 192.168.0.2 (of the machine used for the flash)
switch(config)# copy tftp flash 192.168.0.2 I_07_68.swi
switch(config)#The primary OS Image will be deleted, continue [y/n]

Copy tftp flash from your ip address specified with the filename as copied into the tftp-root directory. Select Y to delete primary OS.

Export & Import Addresses in Outlook 2007 Folders

File,
Import Export
- Export to file
- export to csv (Windows)
- select folder
- at "import a file"
- select "Map custom fields"
- in the "map custom fields"
- click on "clear map
- drag the info you need to the right hand and click on OK

Open the csv you've just exported to

Import using import/export
- map the fields correctly and import

Install IIS on Windows 2003 Server

Click on Control Panel

- Add Remove Programs
- Add/Remove Windows Components
- Select Application Server

Hyper-V Virtualization

http://www.sharepointblogs.com/craiglussier/archive/2008/07/07/server-2008-hyper-v-requirements-specifications-and-compatibility-with-existing-virtual-machines.aspx

MS Exchange 2007 Server - Installation & mailbox recovery

(Using VMWare)

Installing

HP Procurve switch commands

Flash version
switch(config)show flash

To get to the Default VLAN
switch(config)vlan 1
switch(vlan-1)

Setting up an IP Address for the default VLAN
switch(vlan-1)ip address 10.10.10.1/16

To reboot
switch#boot

HP Procurve Switch 2824 - Reflash

Put yourself on the same network as the switch

Download the new firmware.

1. Use HyperTerminal to connect to the switch using a serial cable.

2. issue the following commands:

switch# en (enable)
switch#conf t (configure terminal)
switch(config)# vlan 1 (to enter the default VLAN settings)
switch(vlan-1) ip address 192.168.1.1/16

3. open and start solarwinds tftp server - point to the correct location of the new firmware (c:\TFTP-root\) - please note if you dont' specify primary or secondary the primary will be used by default.

4. on the switch - tftp flash "youripaddress" the flashname"

switch#copy tftp flash 192.168.1.5 I_10_73.swi
The primary OS Image will be deleted, continue [y/n]

Windows XP - Memory

As standard XP can only see 2GB anything > 2GB needs an entry in the boot.ini

Start - Run "sysdm.cpl"
Click on Startup and Recovery
Settings

Click on "To edit the startup options file manually, click Edit"

Setting up MS Outlook 2007 to use RPC over HTTP /S

This document explains how to setup Outlook 2007 to connect to Exchange Server 2007 using RPC over HTTP/S (connecting over a VPN (windows 2003 server)

Verify SSL Certficate

on exchange
start - run "iis.msc"
Goto Web Sites
--> Default Web Site
---> Right click and goto properties
----> Directory security (if u have a valid certificate the view certificate button will not be grayed out)

Run the command RPCDump.exe /v on the Exchange back-end server and look at the ncacn_http protocol settings, you can see some of them in Figure 3, and ensure they are listening on the proper port number.

Make sure user have VPN rights (Should be a member of the VPN AD Group)

Exchange 2007

How to Enable Outlook Anywhere


Before You Begin
To enable Outlook Anywhere, you must follow these steps in the following
order:

Install a valid Secure Sockets Layer (SSL) certificate from a trusted
certification authority (CA) that the client trusts.


Install the Windows RPC over HTTP Proxy component.


Enable Outlook Anywhere on a computer that has the Exchange Server 2007
Client Access server role installed.


When you install Exchange 2007, you can install a default SSL certificate
that is created by Exchange Setup. However, this certificate is not a valid
SSL certificate that is trusted by the client. To use Outlook Anywhere, you
must install an SSL certificate that is trusted by the client.

To perform this procedure, the account you use must be delegated the
following:

Exchange Organization Administrator role


For more information about permissions, delegating roles, and the rights
that are required to administer Exchange Server 2007, see Permission
Considerations.

Procedure
To install the RPC over HTTP Windows Networking component
Click Start, point to Settings, click Control Panel, and then double-click
Add or Remove Programs.

Click Add/Remove Windows Components.

On the Windows Components page, in the Components window, select Networking
Services, and then click the Details button.

On the Networking Services page, in the Subcomponents of Networking Services
window, select the check box next to RPC over HTTP Proxy, and then click OK.

On the Windows Components page, click Next.

Click Finish to close the Windows Components Wizard.

Enabling Microsoft Server 2003 VPN to allow ports 80 (http) and 443 (SSL)

Tools of the Trade

** Nagios (snmp trap) www.nagios.org/

** Procurve Manager (buy)

** Putty - http://chiark.greenend.org.uk/~sgtatham/putty/

** Winrar - http://www.rarlab.com/

** Textpad - http://www.textpad.com/

** Cacti - http://www.cacti.net/

** DHCP Explorer -http://www.networksecurityhome.com/network_tools/dhcp_discovery/dhcp_discovery.html

** HP IP Console Viewer - http://hp-ip-console-viewer.software.informer.com/

** SQL Server Management Studio Express - http://www.microsoft.com/downloadS/details.aspx?familyid=C243A5AE-4BD1-4E3D-94B8-5A0F62BF7796&displaylang=en

** MySQL Administratator - http://dev.mysql.com/downloads/gui-tools/5.0.html

** Vision Soft Visual Audit (buy)

** WireShark (Network packet capture) - http://www.wireshark.org/

** Tortoise SVN - http://tortoisesvn.tigris.org/

** CPUZ - System info - http://www.cpuid.com/cpuz.php

** Memtest86 - tests memory http://www.memtest86.com/download.html

** PSTools - http://technet.microsoft.com/en-us/sysinternals/bb896649.aspx

** Ophcrack - Windows XP/Vista Password breaker

** Axis IP Utility - Shows all IP addresses of Axis camera's on the network

** OutlookRecoveryToolboxSetup

** Qres - setting windows resolution & screen size via command line

** Microsoft Installer Clean Up

Vesa Standard

http://www.ergoindemand.com/about_VESA_standard.htm

DMZ

(Def from wiki)

is a physical or logical subnetwork that contains and exposes an organization's external services to a larger, untrusted network, usually the Internet. The purpose of a DMZ is to add an additional layer of security to an organization's Local Area Network (LAN); an external attacker only has access to equipment in the DMZ, rather than the whole of the network.

Admin Tools

http://www.microsoft.com/DOWNLOADS/details.aspx?familyid=86B71A4F-4122-44AF-BE79-3F101E533D95&displaylang=en

Procurve Switch Commands

conf t - to access the configuration

int/interface = the port

show int = shows the interface details

write memory = saves the configuration from flash to ram

int ## name 'newneame' changes the name of a interface (port)

Tagged vs Untagged switch ports

On switches VLAN 1 is the standard VLAN and cannot be changed: deleted or renamed.

Def: Tagged Ports

Tagged ports can belong to more than one VLAN


Def: Untagged Ports

Untagged ports can only belong to one VLAN

HP Procurve - VLAN Menu

To access the VLAN menu (for easier tag/untagged port setups)
type "menu"
choose "switch configuration"
choose VLAN menu

Exchange 2007 - Troubleshooting

Open Exchange Management Console
- Toolbox
- (Message Flow Tools)
- Message tracking

From the client:

telnet mailserver 25 (smtp)
ehlo

telnet mailserver 143 (imap)

If you can connect OK you will see the banners pop up.

systemboard replacement

uk5 datacentre

HP DL360 G5

Technical Test

Always always look very carefully at a problem...

I had a technical test this morning:

Networking had 2 connectors defined:

a Local Loopback connector name: "Local Area Connection" and a proper network interface named "Fax".

The trick was the local loopback connector was defined with a IP Address - but can't go anywhere

A certain URL cannot be reached?

1. Ping your gateway? Can't ping it? - Check network connection.
2. Local Loopback connector is no use on its own - make a bridged connection with the "fax" connection (As this connection is the proper networking interface)
   
3. Ping gateway? can you ping it, yes? ping desired url
   
4. Can you ping the url? yes it pings 127.0.0.1 --> localhost
5. Here you should ask?? localhost?
   
6. Check your host file c:\windows\system32\drivers\etc\hosts

Microsoft Loopback Connector:
(copied from: http://support.microsoft.com/kb/839013)

Manual installation

To manually install the Microsoft Loopback adapter in Windows XP, follow these steps:

1. Click Start, and then click Control Panel.
2. If you are in Classic view, click Switch to Category View under Control Panel in the left pane.
3. Double-click Printers and Other Hardware, and then click Next.
4. Under See Also in the left pane, click Add Hardware,and then click Next.
5. Click Yes, I have already connected the hardware, and then click Next.
6. At the bottom of the list, click Add a new hardware device, and then click Next.
7. Click Install the hardware that I manually select from a list, and then click Next.
8. Click Network adapters, and then click Next.
9. In the Manufacturer box, click Microsoft.
10. In the Network Adapter box, click Microsoft Loopback Adapter, and then click Next.
11. Click Finish.

After the adapter is installed successfully, you can manually configure its options, as with any other adapter. If the TCP/IP properties are configured to use DHCP, the adapter will eventually use an autonet address (169.254.x.x/16) because the adapter is not actually connected to any physical media.

Note By default, TCP/IP properties are configured to use DHCP.

IIS - copying a website

To copy a website:

- if you copy a website (import/export settings) you won't export the security settings.

Step:

- Export existing website
- Create new website - import from file
- Goto new website location and set ACL's.

Must have IT Tools

Textpad

- Spamelikeabitch - email routing software (to test email delivery)

- IIS Resources

- Putty (telnet)

- Filezilla (ftp client)

- multimon - multiple monitor connection

- Keepass (keep login details safe and central & generate random pwd's)

- XMail Manager - Gui interface for Xmail servers (very handy)

- DHCPExplorer - Explore DHCP Servers

- Remote Assistance (%windir%\explorer.exe "hcp://CN=Microsoft%20Corporation,L=Redmond,S=Washington,C=US/Remote%20Assistance/Escalation/Unsolicited/Unsolicitedrcui.htm")

Networking Tutorial

Switch Logins:

Use putty to connect to the switch

conf t (Configure terminal) to login to the admin module

sh int 2 (will show you the interface 2 / the port on the switch)

Understanding Microsoft System Restore

System restore backs triggers include:

- windows updates
- driver installations & updates
- any system changes
- manual creation of restore points

The files it monitors are:
cat, .com, .dll, .exe, .inf, .ini, .msi, .ole, .sys

Creating a system Restore Point
- All Programs - Accessories - System Tools - System Restore and follow the wizard.

System Restore uses 200mb of hdd space and will hold onto it untill its freed.

You have to have admin rights on the machine you are accessing to be able to access sytem restore.

Spamato

Download
http://www.spamato.net/index.php?option=com_content&task=view&id=30&Itemid=63

Changing a motherboard on a DL360 G5

The Active Directory Tutorial

IIS on XP

Control Panel - Admin - IIS

Setup authentication to include windows logon (domain)

accessing http://localhost

files located c:\inetpub\wwwroot\

logs: c:\windows\system32\logfiles\

Check Event Viewer for errors

Tutorial:
http://www.advancedinstaller.com/user-guide/tutorial-iis.html

SQL Server Management Studio (2005)

Use to connect to sql servers, setup queries, check backups

To download sql server management express

http://www.microsoft.com/downloadS/details.aspx?familyid=C243A5AE-4BD1-4E3D-94B8-5A0F62BF7796&displaylang=en

Active Directory - DFS

Distributed File System (DFS) is a set of client and server services that allow an organization utilizing Microsoft Windows servers to organize many distributed SMB file shares into a distributed file system. DFS provides location transparency and redundancy to improve data availability in the face of failure or heavy load by allowing shares in multiple different locations to be logically grouped under one folder, or DFS root.

Admin Tools - Distributed File System

- New Root ( to setup a new root)

- Show Root ( to view current root)

You can right click on the target to open the path to the folder.