Wednesday, December 28, 2011

Freeware Utilities

I'm always looking for more utilities to add to my arsenal for scripting, automating and generally freeing up time for other tasks, like sipping a fresh coffee ;^)

Over the past few months I've been pointed to, or found, four more sites chock full of tasty utilities.

  • AnalogX has a varied collection covering network, system, programming, even audio utilities.

  • joeware has a whole pile of free tools, many related to Active Directory, account management and networking.

  • NirSoft has an impressive array of tools for forensics, networking, systems, passwords and a whole lot more. They also have a blog so you can keep posted on updates and additions.

  • Optimum X has a decent list of network, software and login utilities. Although some are a bit long in the tooth (one is from 9/98), there's still some gold here.

These should keep you busy for at least a few minutes. And as always they're my favorite price, free.

Tuesday, December 20, 2011

Disable Prius Beeping when in Reverse

If you have a Prius, there's a good chance you are annoyed by the constant beeping when you put the car in reverse. I can understand if it's heard outside the car, since it's almost completely silent when in electric mode, but it only alerts the passengers in the vehicle. Since selling my Corvette, I've been driving my wife's Prius a lot and the beeping was beginning to really grate on me...

After a few searches, here's what I found (read the steps once before attempting, some of them are time dependent).

  1. Start the car with your foot on the brake as usual.

  2. Press the ODO button until "ODO" appears on the dash display. (If it's already present, cycle around once to display it again.)

  3. Turn the car off.

  4. Again with your foot on the brake, press POWER to restart your Prius.

  5. Within 6 seconds of starting, press and hold the ODO button for 10 seconds and don't release it.

  6. You're still holding the ODO button after 10 seconds, right? Now shift the car into Reverse and quickly press the Park button. You may now release the ODO button.

  7. The odometer display should now show "b on" (if not, start over).

  8. Press the ODO button until the display shows "b off."

  9. Turn the car off by pressing the POWER button.

  10. Start your Prius now, put it reverse and enjoy the silence.

Note: This is supposed to work only with US models, so if you're abroad it's up to the kindness of your dealer. And I've only tested this on a 2009 Prius, so your mileage may vary :)

Saturday, December 17, 2011

Search Fails for Some Outlook or OWA Users

Due to a recent power outage at a client site, their Exchange search catalogs became corrupted. The issue at hand was that searches in Outlook or OWA only resulted in showing results prior to the outage.

To confirm that this was the case, I opened the trusty EMS and ran this command on an affected individual.

test-exchangesearch username | fl

This result confirmed the catalog corruption:
ResultFound : False
SearchTime : -1

The fix is rather easy, but depending on your database size, can be rather lengthy. The script below stops the Microsoft Exchange Search Indexer, deletes the Catalog of the database in question and restarts the Indexer which fires off a complete rebuild.

You can find the script here (from where it must be run): <drive>:\Program Files\Microsoft\Exchange Server\Scripts

Syntax: ResetSearchIndex.ps1 -force <database>

Example: ResetSearchIndex.ps1 -force "Mailbox One"

The rebuilding of our catalogs took almost an hour for a 80GB database. And that was on a fairly powerful system with 32GB of RAM.

Thursday, December 15, 2011

Surveying a Linux System, Part 3 - Usage

This is the last in my Linux survey trifecta, examining current usage, plus a bit of troubleshooting.

As with both the hardware and software posts, you may need to run some of these as root and your mileage may vary, since not all distros are alike.

Show a list of recent logins
# last

Process list (check out additional switches)
# ps -A

Current performance and PIDs (you can use kill to end a runaway process)
# top

Current memory usage
# free

Disk usage (shows directories by size, based on your current location, usually best to start from root /)
# du -sh *

Network status (lots of switches to drill down with)
# netstat -a

Time since last reboot
# uptime

I'll add to these lists as I come across more useful commands. Thanks to O'Reilly for the command directory.

Tuesday, December 13, 2011

Script to Export a Mailbox to PST

With an occasional need to export a user mailbox to PST for archive, I decided it would be useful to be able to call up a script and save myself some time and mouse clicking.

Should you wish to give the script below a try, copy it into a text file and change the extension to .ps1

Note: This script should be run from a system with Outlook and the Exchange Management Tools installed (they both need to be 32 or 64-bit) for this to work).

rem Gathering names for labeling the exported PST
$fname = Read-Host "First name?"
$lname = Read-Host "Last name?"

rem Assigning the current date to the $date variable
$date = get-date -uformat "%Y_%m_%d"

rem Capturing name of mailbox account (assigning to $uname variable)
$uname = Read-Host "Username?"

rem Capturing admin acct that is currently logged in to add mailbox permissions (assigning to $admin variable)
whoami > $admin

rem Adding permissions for admin allowing export
Add-MailboxPermission -AccessRights FullAccess -Identity $uname -User $admin

rem Exporting mailbox to D:\PSTs (change path to your liking)
Export-Mailbox -Identity $uname -PSTFolderPath D:\PSTs\$fname"_"$lname"_"$date.pst

If at some point I get time or get paid to do so, I'll make a script to allow the use of a list for mass export.

Sunday, December 11, 2011

Surveying a Linux System, Part 2 - Software

A few days back, I listed  some Linux commands for getting hardware information. Now onto software and operating system information. Again, you may need to run some of these as root and your mileage may vary, since not all distros are alike.

List version of Red Hat/Fedora/CentOS
# cat /etc/redhat-release

List version of SuSE
# cat /etc/SuSE-release

List verion of Ubuntu
# cat /etc/lsb-release

Kernel info
# uname -a

View network info
# ifconfig

DNS servers
# cat /etc/resolv.conf
Hostname and Gateway
# cat /etc/sysconfig/network

Shell being used
# echo $SHELL

Check cron jobs (scheduled tasks)
# crontab -l

The final Linux command installment will cover some troubleshooting commands.

Friday, December 9, 2011

Software in my Binder

Earlier this year I covered what items I carry in my backpack, this time it's about what software I carry in my soft-sided TechNet folder. Of course there's the usual operating system and application disks, but there are a number of rescue and utility disks as well...

Operating Systems and Applications

  • Windows 2000, XP, Vista, 7, 2003 R2, 2008, 2008 R2 (32 & 64-bit versions)

  • Office 2003, 2007 & 2010 (all 32-bit)

  • CentOS 6.2 (64-bit)

  • Fedora 16 (64-bit)

  • Ubuntu 11.10 (64-bit)

  • Knoppix - Live Linux boot disk

  • VMware ESXi 5.0 (64-bit)

  • DVD with Windows and Office Service Packs

Rescue and Utilities

Anything you like or recommend (preferably free)?

Tuesday, December 6, 2011

Surveying a Linux System, Part 1 - Hardware

I am called to work on Linux systems only occasionally, which is unfortunate since it is a very versatile and useful OS that should warrant more of my time.

In many instances the request has been to survey a Linux box, and as usual I'm searching Bing and Google for commands. Here's the first of three parts, starting with hardware, in which I share my compiled list for getting info from a Linux system. BTW, you may need to run some of these as root and your mileage may vary, since not all distros are alike.

CPU Information
# cat /proc/cpuinfo

Amount of Memory
# cat /proc/meminfo

Hard Disks
# df -h

Check PCI Buses and Devices
# lspci

Check USB Buses and Devices
# lsusb

Crazy amount of Hardware Data
# dmesg | less

Next up, software (as related to the OS and configuration).

Sunday, December 4, 2011

Recurring meeting has been declined!

A recent Outlook user, trying to book a non-recurring meeting, received this error: "Giant Conference Room has declined your meeting because it is recurring. You must book each meeting separately with this resource." But, it was non-recurring!!!

This error comes about when multiple users have the same resource open, in this case a conference room, and make edits causing the Free/Busy information to become corrupt.

In order to fix the issue, just change one of the scheduling settings within Outlook > Options > Calendar > Resource Scheduling..., such as "Automatically decline recurring meeting requests," click OK, then change it back. It'll cause the Free/Busy data to rebuild and scheduling may once again take place.

Tuesday, November 29, 2011

Symantec AntiVirus Runtime Error!

Earlier this year, a customer kept getting this error when rebooting:

Microsoft Visual C++ Runtime Library Runtime Error!

Program: C\Program Files\Symantec AntiVirus\Rtvscan.exe

This application has requested the Runtime to terminate it in an unusual way.

Please contact the application's support team for more information.

Luckily the fix isn't too painful...

Go to a command prompt and run wbemtest
• Click Connect (upper-right)
• Replace root\default (or root\cimv2) with root\securitycenter and click Connect.
• You will be returned to the original screen, now click the Enum Classes... button, leave the Superclass Info box empty and click OK.
• In the Query Results screen, click AntivirusProduct and select Delete.
Close the Query windows and Exit wbemtest.
• Now either repair or  re-install Symantec Antivirus Corporate Edition.

Sunday, November 27, 2011

SQL Server Management Studio Express

Who doesn't love free? I certainly do. Microsoft has offered a great free version of its flagship database software, MS SQL, for quite some time now. And up until a few years ago it didn't have a GUI front-end, but Microsoft fixed that with the release of SQL Server Management Studio Express.

Now out of the box, it typically doesn't connect, i.e. to a WSUS or WSS Embedded, Compact or Windows Internal database. For security purposes they disable the Named Pipes protocol in MS SQL and for unknown reasons the Management Studio has difficulty connecting to the SQL instance on the local server, i.e. localhost.

To get going with the SQL Management Studio, the Named Pipes protocol needs to be enabled. Go to Start > Programs > MS SQL > Config Tools > SQL Config Mgr, then under SQL Server Network Configuration > Protocols for MSQLSERVER, double-click Named Pipes, set Enabled to Yes. Then the MS SQL Service must be restarted.

When you fire up the SQL Management Studio, use \\.\pipe\MSSQL$MICROSOFT##SSEE\sql\query in the Server Name field, choose your Authentication and click Connect.

Free is good again.

Update: For Windows Server 2012 & 2012 R2, the path is \\.\pipe\MICROSOFT##WID\tsql\query

Wednesday, November 23, 2011

Recursively Add Public Folder Permissions

Last week I found myself having to export (for archival) and remove a large tree of Public Folders. I thought the task would be easy, open Outlook, highlight the top level folder and Export to PST.

Little did I know someone changed the top-level permissions of the folder I previously created, removing any admins from the list, so any new folder in the tree inherited the lack of admin rights. Now I had to change permissions on 472 folders, not something to be done individually.

A short search yielded just the info I needed. There is a script called AddUsersToPFRecursive.ps1 in the \Microsoft\Exchange Server\Mailbox\Scripts directory; use and syntax is below.

AddUsersToPFRecursive.ps1 -toppublicfolder \Finance -User "Joe Admin" -Permissions Owner -Confirm:$False

Change the -toppublicfolder to \ or \Marketing\Calendars, whatever suits your needs. And be sure to add the -Confirm:$False switch, otherwise you will have to hit Enter (or Yes) for every folder change. Don't ask me how I know...

Sunday, November 20, 2011

Time Skew and Exchange Services

On a recent Sunday night, I was home watching The Walking Dead, a colleague called to say that our core switch was down in our colo. As he was on vacation, I raced over there, preformed some troubleshooting, finally rebooting our huge Cisco 4510 to bring everything back online, that is except Exchange.

The Exchange cluster was using iSCSI, thus was offline during the outage and now would not mount the databases; both the System Attendant and Information Store services would not start. After trying a reboot and examining the Failover Clustering, these error messages were found in the Event Log:

System attendant - EventID: 1005 Unexpected error The clocks on the client and server machines are skewed. ID no: 80090324 Microsoft Exchange System Attendant occurred.

MSExchangeIS - EventID: 5003 Unable to initialize the Microsoft Exchange Information Store service because the clocks on the client and on the server machine are skewed. This may be caused by a time change either in the client or the server machine, and may require a reboot of that machine. Other than that, verify that your domain is properly configured and is currently online.

I didn't even consider the fact that the Exchange server's system time didn't match the domain controllers'. Both nodes were a full six minutes behind! Once the clocks were synced with the DCs, both services started, databases mounted and we were back in business.

Due to the fact we're running a hybrid UNIX/Windows DNS network, oddities like this seem to creep up. Once I have this sorted, there will likely be a blog post about that as well.

Wednesday, November 16, 2011

Windows 3-Tier Certificate Authority

Many months ago I was tasked with implementing a 3-tier Certificate Authority for a large Windows domain environment. Unfortunately there is surprisingly little information for the nitty-gritty questions one may have. The Microsoft Press book Windows Server® 2008 PKI and Certificate Security proved quite useful, but at times lacking. (This book seems to have been discontinued, thus outrageous pricing; add a comment if you want a link to the eBook.) The Corelan Team site added more insight and was quite useful as well.

Here is the document I created detailing our setup and configuration process (using generic server names and Contoso as the company). Please review the entire document first, should use it for reference. Please note: this document is unsupported and is meant only as a guide.

Should you post questions here, I will do my best to answer them or help point you in the correct direction. This project took place almost a year ago and I'm no longer on site to examine the configuration, so please understand if I may not be able to shed light into the darkest corners of CA voodoo.

Ps. Thanks to SL @ TM for his time and trust with this project.

Saturday, November 12, 2011

PowerShell: Execution of scripts is disabled

This information is available on many sites, but I'm tired of searching for it every few months when I switch laptops/tablets.

Whenever you try to run an unsigned PowerShell script, you get the following message: "File C:\Custom\Test.ps1 cannot be loaded because the execution of scripts is disabled on this system. Please see "get-help about_signing" for more details."

I certainly believe Microsoft is doing the right thing with keeping PowerShell script execution secure with the proliferation of malware and 99%+ of Windows users don't even know about PowerShell.

Changing the PowerShell security setting is a simple affair. Open PowerShell as an Administrator and run the following: Set-ExecutionPolicy

Your choices are:
Restricted (default) - Which stops all unsigned scripts from running.
AllSigned - This allows only signed scripts to run.
RemoteSigned (my recommendation) - Allows local scripts to run, but all downloaded or remotely executed must be signed.
Unrestricted (not recommended) - This allows all scripts to execute, whether from an e-mail, website or instant message.

Syntax: Set-ExecutionPolicy RemoteSigned

Wednesday, November 9, 2011

Fedora 16 Released

If you haven't used Linux in a while, you should give it a second look. Fedora 16 was unleashed on the computing world yesterday.

The latest versions of Fedora, and most modern Linux distributions, have come a long way since the painfully slow and complex installations. Hardware support, especially with the Fedora Project, has been constantly improving. The user interface has greatly improved over time and there is a nice package of productivity tools included (read: M$ Office alternative).

Many of the apps included don't have the same polish as in Mac OS or Windows, but for free, you get an amazing operating system. It is also a secure alternative to Windows and Mac OS, just based on the quantity of malware written for Linux, it's virtually non-existent.

Download it today and give it a try. It'll run on new and old hardware alike, 32-bit and 64-bit, and can easily be used in a virtual machine. Have fun!

Friday, November 4, 2011

So how much does my Nook weigh?

I knew it! Every time I put content on my Nook Color it becomes heavier and heavier. I already have 4GB of data on it and the extra .000000000000000001 grams is killing me. (It weighs 15.8 ounces, before adding all that heavy content.)

And this is precisely why I have an eReader. The Nook Color allows me to carry a whole library of IT titles as well as works from every spectrum of printed media, without braking my back or ruining my gas mileage (a former colleague carried about fifteen fat UNIX books in the back of his car everywhere).

I'm not saying that the Nook Color is the best choice, but when I bought mine, it was the only color, non-iPad choice at (or under) $250 that was worth anything. Given a choice today, it would be the Kindle Fire, although Barnes & Noble does have an announcement pending... (Maybe my wife would like a slightly used and loaded Nook Color, it's not very heavy.)

Tuesday, November 1, 2011

Setting the Out of Office Reply at the Command Line

If you've ever had to set someone's (like a VP's) Out of Office message because they left town before doing so, and of course don't have access to Outlook Web Access, it can be quite a disruption to your work. Recently I was surfing Jim McBee's blog and found this gem, which he in turn had gotten from Bharat Suneja and the Exchange team.

Just replace the text in bold red and run it in an Exchange Command Shell:

Set-MailboxAutoReplyConfiguration –AutoReplyState Scheduled –StartTime “11/2/2011” –EndTime “11/9/2011” –ExternalMessage “External OOF message” –InternalMessage “Internal OOF message

Sunday, October 30, 2011

AD Recycle Bin Tool

Last year Windows IT Pro magazine highlighted ADRecycleBin from Overall Solutions. It's an excellent free utility to bring back deleted items (or reanimate for earlier Active Directory installations than 2008 R2).

It's a very nice alternative to the built-in feature in Windows Server 2008 R2 and is a drastic improvement over item recovery in earlier versions of Active Directory with a great GUI interface.

They have a couple of other interesting products in Maven, ResetPass and Action Engine, not everything is free, but it's close.

Update: Unfortunately the original site and tools are gone, but the author was kind enough to share it with me. Here's the app, at least until I'm told not to share it online.

Thursday, October 27, 2011


If you're in IT working with Windows and haven't heard of Sysinternals, you may want to check to see if you've been living under a rock.

Sysinternals started as the community or free arm of Winternals, the money making portion of the company. Microsoft purchased Winternals back in 2006 for its IP and brain-trust. Mark Russinovich has been the most active of the original staff, appearing at numerous conferences, blogging and evangelising the Microsoft operating systems.

The Sysinternals site has numerous, extremely useful troubleshooting and informational utilities; so much so I could devote this blog to their tools for the next year or three. Since access to the site is free, as are the downloads, help files and instructions, I'll just highlight a few things here...

Autoruns - Displays list of applications, drivers loaded and much more, that start at boot time. Includes locations of registry and file locations. Great for hunting malware.
Process Explorer - Displays all running processes and subprocesses, plus open handles, threads, paths, a veritable cornucopia of information. Task manager wishes it was this great.
Process Monitor - Allows you to monitor file system, registry, process, thread and DLL activity in real-time.
TCPView - Get detailed listings of all TCP and UDP endpoints on your system, including source and destination.

The Learning Resources are also impressive, with great videos and articles .

And as I mentioned, this is all free.

Monday, October 24, 2011

Jetable E-mail Addresses

I'm not sure if there's another industry out there that requires the sheer amount of access-based content that the IT industry does. What I mean by access-based content is information that requires a a login, signup or tithe (in the form of your e-mail address) for entrance to, or downloads of, eBooks, white-papers, files, blogs, forums, webcasts, trial applications, etc.

Many of the sites that require some sort of access, I will never visit again. So why give access to any of my mailboxes for a possible endless stream of unread mail? And why chance winding up on a spam list or having my address sold to "industry partners"?

This is where Jetable comes in. You can create a disposal e-mail address that will expire in one hour to one month, your choice. Jetable's service creates a time-limited e-mail forward to a real address. Just put in your real e-mail address, choose a Life Span based on how long you need (I usually choose one day) and click Create...

They support ten languages and have a Firefox plug-in (if you're into that sort of thing). Oh yeah, it's free!

Friday, October 21, 2011

Exchange Server Address List Service Failed

While creating a new user mailbox on an Exchange 2007 server a few moons ago, I received an error stating: "Exchange server address list service failed to respond", obviously stopping my creation task in its tracks.

This function is apparently one of the many that fall under the Microsoft Exchange System Attendant Service, once this service was restarted I was able to create my account and head out for a much deserved lunch.

Wednesday, October 19, 2011

MAPI32.DLL wrong version or corrupt

One of my clients recieved the error message "MAPI32.DLL wrong version or corrupt" a few months ago, after trying Outlook 2007 and reverting back to Outlook 2003. The fix was simpler than expected...

With Outlook closed, browse on over to C:\Program Files\Common Files\System\MSMAPI\1033 and rename the MSMAPI32.DLL file. Open Outlook again and the MSMAPI32.DLL file will be replaced with the proper version (Office or Outlook install media may be required).

Tuesday, October 18, 2011

User Profile Service service failed

While attempting to log onto an Windows Server 2008 R2 system with Exchange 2010 for the first time, I received the following error: "User Profile Service service failed the logon. User profile cannot be loaded."

After much searching, we found that during a reinstall some bits were left in C:\Users\Default\AppData\Local\Microsoft\Exchange Server

Once the files therein were removed, I was able to login successfully. We surmised that since the files were in the Default profile, something was stopping a new profile from being generated.

Wednesday, September 21, 2011

WMIC to the Rescue

A recent project had me trying to script the retrieval of the Dell Service Tag. Luckily there's WMI Command-line to the rescue.

From a command line or in a script wmic bios get serialnumber will display or grab the Dell Service Tag.

Furthermore, you can use the WMI Command-line to retrieve all kinds of system data and even make configuration changes. Rob van der Woude's great site on scripting has a great primer and examples on using WMIC. TechNet Magazine also has a very useful article on gathering system data using WMIC in your environment.

Finally, checkout the WMI Admin Tools pack. It contains more than I want to type about here, but it gives you the ability to browse the various objects, classes and properties, plus a custom event viewer and much more. Check it out and make your (administrative) life better.

Wednesday, September 14, 2011

List of Exchange Scripts

I started following Pat Richard's blog a few months ago and have since found his scripts to be quite useful. Even if I'm not using them directly, they've been useful as a reference when writing my own.

He recently created a list of scripts available on his site; stop by and take a look.

Tuesday, May 24, 2011

Function Keys at the Command Prompt

This is sort of a noob post, but I'd forgotten about these, even though I use the command prompt almost hourly at work.

With a cmd shell open:

Press     To Get
F1           Last command displayed one letter at a time
F3           Repeat last command
F5           Displays the last commands one-by-one
F7           Displays the command history
F8           Cycles through the last commands, typing a character or two will cause it to match the prefix

There are a couple more, but they don't always respond correctly and IMHO are less useful.

Monday, April 18, 2011

Microsoft Case Studies

Need that extra push to get a budget approved. Perhaps you need ammo to bring into fruition (or shoot down) the latest whim of those in executive row. Microsoft Case Studies may have your answer.

Divided by Industry, Business Need, IT Issue, etc., with searchable fields as expected, there is a good amount of video and downloadable content to help make or break a case.

Wednesday, March 23, 2011

Exchange Keyword Search

So you want to look for a specific word in all the mailboxes on your server without buying a 3rd party application? Try the Exchange Management Shell.

You need three things on your client system before running the command (this is not recommended to be run on the Exchange server itself)

  1. Outlook 2003+

  2. Exchange Management Tools 2007 or 2010

  3. A configured Outlook profile with a folder for the export

get-mailbox –Database "Mailbox name" | Export-Mailbox –SubjectKeywords "Keyword" –TargetMailbox "Your mailbox" –TargetFolder 'Pick one'

The fields that need changing are in red. If you have multiple databases, the command will need to be run multiple times, and of course, the larger the databases, the longer it will take to run.

Good hunting.

Ps. Thanks to SL @ TM for this tip.

Tuesday, February 22, 2011

Microsoft Learning Snacks

You may have guessed it already, but they're bite-sized videos for learning quite a few of Microsoft's products.

Click here for a full list of what's available, all that is required is Silverlight for viewing.

I'm currently watching the eleven videos for Windows 7, part of my studies for an upcoming certification exam, and they've been pretty good so far. And of course, they're free :)

Monday, January 31, 2011

Say Ninite

(Re)building systems can be quite a drag, especially once you get to the part when it's time for downloading all the 3rd party software. This would include: Flash, Java, Firefox, Skype, etc., etc.

Enter Ninite, an amazing, time saving, utility website. It works as advertised, allowing you to choose your choice of applications, whereupon it generates a custom installer that with one-click, installs everything you wanted, without toolbars and crapware that would normally be installed by default.

There's also a corporate option for using with scripts or automated deployments. This is definitely a time saver and worth a look. Did I mention it's free :)